US20110138164A1 - Digital broadcast receiver and booting method of digital broadcast receiver - Google Patents

Digital broadcast receiver and booting method of digital broadcast receiver Download PDF

Info

Publication number
US20110138164A1
US20110138164A1 US12/961,145 US96114510A US2011138164A1 US 20110138164 A1 US20110138164 A1 US 20110138164A1 US 96114510 A US96114510 A US 96114510A US 2011138164 A1 US2011138164 A1 US 2011138164A1
Authority
US
United States
Prior art keywords
broadcast receiver
interleaved
digital broadcast
booting
message digest
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
US12/961,145
Other versions
US8583909B2 (en
Inventor
Sang Hoon Cha
Bong Seok Kim
Chan Gyun Jeong
In Moon Kim
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
LG Electronics Inc
Original Assignee
LG Electronics Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by LG Electronics Inc filed Critical LG Electronics Inc
Priority to US12/961,145 priority Critical patent/US8583909B2/en
Assigned to LG ELECTRONICS INC. reassignment LG ELECTRONICS INC. ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: CHA, SANG HOON, JEONG, CHAN GYUN, KIM, BONG SEOK, KIM, IN MOON
Publication of US20110138164A1 publication Critical patent/US20110138164A1/en
Application granted granted Critical
Publication of US8583909B2 publication Critical patent/US8583909B2/en
Expired - Fee Related legal-status Critical Current
Adjusted expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/4401Bootstrapping
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/51Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/575Secure boot
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/4401Bootstrapping
    • G06F9/4406Loading of operating system
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0853Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/43Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
    • H04N21/443OS processes, e.g. booting an STB, implementing a Java virtual machine in an STB or power management in an STB
    • H04N21/4432Powering on the client, e.g. bootstrap loading using setup parameters being stored locally or received from the server
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N5/00Details of television systems
    • H04N5/44Receiver circuitry for the reception of television signals according to analogue transmission standards
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N5/00Details of television systems
    • H04N5/44Receiver circuitry for the reception of television signals according to analogue transmission standards
    • H04N5/445Receiver circuitry for the reception of television signals according to analogue transmission standards for displaying additional information
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/03Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
    • G06F2221/033Test or assess software
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2153Using hardware token as a secondary aspect

Definitions

  • the present invention relates to a digital broadcast receiver and a booting method of the digital broadcast receiver and, most particularly, to a digital broadcast receiver and a booting method of the digital broadcast receiver that can perform fast booting while ensuring maximum system security.
  • the booting process When the power of a digital device is turned on, a booting process of the device is executed.
  • the booting process also includes a system security checking process, which verifies whether or not a security breach (or compromise) or hacking attempt has occurred in the corresponding digital device.
  • the major issues in the recent digital devices include the above-described security issue and also the issue on how to reduce the booting time.
  • the present invention is directed to provide a digital broadcast receiver and a booting method of the digital broadcast receiver that substantially obviate one or more problems due to limitations and disadvantages of the related art.
  • Another object of the present invention is to provide a method and device that can reduce a booting time while ensuring system security.
  • a further object of the present invention is to provide a method and device that can enhance the efficiency of the overall system while maintaining backward compatibility with the conventional system.
  • a method of secure booting of a system in a digital broadcast receiver comprises aligning a plurality of interleaved portions to generate a digital signature, respectively, with an entire firmware image; generating a digital signature of each interleaved portion; selecting a specific interleaved portion; generating a first message digest to read a region of the selected interleaved portion in the entire firmware image and a second message digest from the digital signature of the selected interleaved portion; and verifying the firmware image based on the first and second message digest and booting the system in the digital broadcast receiver.
  • a method of secure booting of a system in a digital broadcast receiver comprises dividing into a header part, a body part and a tailor part in an entire firmware image based on a file system, wherein the body part is aligned a plurality of interleaved portions to generate a digital signature, respectively, and the header and tailor part as a whole area includes all interleaved portions of the body part; generating a digital signature of each interleaved portion; selecting a specific interleaved portion; generating a first message digest to read any one of the header and tailor part in the entire firmware image and a second message digest from the digital signature of the selected interleaved portion; and verifying the firmware image based on the first and second message digest and booting the system in the digital broadcast receiver.
  • a digital broadcast receiver of secure booting of a system comprises a controller configured to control to align a plurality of interleaved portions to generate a digital signature, respectively, with an entire firmware image, and generate a digital signature of each interleaved portion, the controller further configured to control to select a specific interleaved portion, generate a first message digest to read one or more regions of the selected interleaved portion in the entire firmware image and a second message digest from the digital signature of the selected interleaved portion, and verify the firmware image based on the first and second message digest and boot the system in the digital broadcast receiver.
  • a digital broadcast receiver of secure booting of a system comprises a controller configured to control to divide into a header part, a body part and a tailor part in an entire firmware image based on a file system, wherein the body part is aligned a plurality of interleaved portions to generate a digital signature, respectively, and the header and tailor part as a whole area includes all interleaved portions of the body part, and generate a digital signature of each interleaved portion, the controller further configured to select a specific interleaved portion, generate a first message digest to read any one of the header and tailor part in the entire firmware image and a second message digest from the digital signature of the selected interleaved portion, and verify the firmware image based on the first and second message digest and boot the system in the digital broadcast receiver.
  • FIG. 1 illustrates a block view showing an exemplary structure of a digital television receiver according to the present invention
  • FIG. 2 illustrates a secure booting method according to a first embodiment of the present invention
  • FIGS. 3 and 4 illustrate a secure booting method according to a second embodiment of the present invention
  • FIG. 5 illustrates a secure booting method according to a third embodiment of the present invention
  • FIG. 6 illustrates a flow chart of a secure booting process shown in FIG. 5 ;
  • FIG. 7 illustrates an exemplary file system according to the present invention
  • FIG. 8 illustrates a secure booting method using the characteristics of the file system shown in FIG. 7 ;
  • FIG. 9 illustrates a flow chart showing an exemplary operation flow of the secure booting method according to the present invention.
  • FIG. 10 illustrates an example of an entire firmware image being stored in a storage unit as a binary image according to the present invention
  • FIG. 11 illustrates an example of a plurality of applications, which are stored in the device, being classified as a plurality of partitions (a plurality of binaries) and stored in the storage unit according to the present invention
  • FIG. 12 illustrates an example of dividing fragments only for a Used Area of each partition according to the present invention
  • FIG. 13 illustrates a secure booting method according to a fifth embodiment of the present invention
  • FIG. 14 illustrates a secure booting method according to a sixth embodiment of the present invention.
  • FIG. 15 illustrates a secure booting method according to a seventh embodiment of the present invention
  • FIG. 16 illustrates a secure booting method according to an eighth embodiment of the present invention.
  • FIG. 17 illustrates a flow chart showing another exemplary operation flow of the secure booting method according to the present invention.
  • the present invention relates to a digital broadcast receiver and a booting method of the digital broadcast receiver and, most particularly, to a digital broadcast receiver and a booting method of the digital broadcast receiver that can perform fast booting while ensuring maximum system security.
  • a secure booting method will be given as an example of the booting method.
  • a digital television receiver that can process digital television signals being transmitted through diverse media will be given as an example of the digital broadcast receiver.
  • the present invention will not be limited only to the above-mentioned examples.
  • examples of the digital broadcast receiver according to the present invention may include all types of system that can perform secure booting, including embedded systems, such as smart phones, satellite Direct TVs, smart TVs, IPTVs, set-top boxes providing VOD services, and so on. It is to be understood that the scope and spirit of the present invention will not be limited only to the embodiments of the present invention that will be described in detail hereinafter. It will also be apparent that the principles for resolving the problems of the present invention may be applied to all applicable fields by using the same or similar methods introduced herein.
  • ‘secure boot’ or ‘secure booting’ will be used, not as the booting process applied in the related art embedded system, but as a collective term of a booting process for realizing fast booting while ensuring maximum system security according to each of the following embodiments of the present invention.
  • FIG. 1 illustrates a block view showing an exemplary structure of a digital television receiver according to the present invention.
  • FIG. 1 illustrates a digital television receiver as an example of a system, wherein the secure booting method according to the following embodiments of the present invention can be applied.
  • the digital television receiver After performing security check and booting of the system by using the secure booting method according to any one of the embodiments of the present invention, receives a digital television signal and an IP packet including the digital television signal through an antenna and a cable and, then, processes the received digital television signal and IP packet. Also, as a means for protecting the transmitted contents, the digital television receiver may adopt Conditional Access, Content Protection, and so on. In order to do so, the digital television receiver may use a CableCARD, a DCAS (Downloadable Conditional Access System), and so on, as examples of Conditional Access, Content Protection, and so on.
  • the usage of the CableCARD or the DCAS is an option that can be selected by the service provider that provides the requested services. And, in case the CableCARD or the DCAS is used in the receiver, the service provider communicating with the receiver should also use the same system.
  • FIG. 1 illustrates a digital television receiver configured to receiver IP-based IPTV services, cable broadcasting, terrestrial (or groundwave) broadcasting, satellite broadcasting, and so on.
  • the digital television receiver may receive and process only IPTV services or receive and process cable broadcasting.
  • each element of FIG. 1 may be referred to by using different terms.
  • the receiver of FIG. 1 broadly consists of a host and a CableCARD.
  • the host includes a network modem 100 , a first broadband interface unit 102 , a second broadband interface unit 104 , a demodulator 106 , a multiplexer 108 , a demultiplexer 110 , a decoder 112 , an ethernet NIC (Network Interface Card) (an IP physical interface unit) 114 , a TCP/IP network unit (routing engine) 116 , a IP to TS decapsulator 118 , a controller 122 , a DCAS (Downloadable CAS) unit 124 , a DVR (Digital Video Recorder) controller 126 , a content encryption unit 128 , a storage interface unit 130 , and a storage unit 132 .
  • the CableCARD 120 may correspond to a Single stream card that can process only one stream or may correspond to a Multistream card that can process multiple streams at the same time.
  • the receiver corresponds to an open-cable type, wherein a CableCARD including the Conditional Access (CA) system is detached (or separated) from the main body.
  • the CableCARD is also referred to as a POD (Point Of Deployment) module.
  • the CableCARD is detachably fixed to a main body slot of the receiver.
  • the main body in which the CableCARD is inserted is referred to as a host.
  • the CableCARD and the host are collectively referred to as the receiver.
  • a network connector 140 performs the role of connecting an external network with a receiver.
  • the network connector 140 may connect an external IP network with the receiver.
  • connection may be made with an external network by using a DOCSIS modem, or connection may be made with an external network by using a wireless (or radio) relay station, which performs connection with a wireless Internet network, or by using a wired relay station, such as wired ADSL relay station, which performs connection with a wired Internet network.
  • a wireless (or radio) relay station which performs connection with a wireless Internet network
  • a wired relay station such as wired ADSL relay station, which performs connection with a wired Internet network.
  • the connection with the external network is merely exemplary. And, therefore, the type of network connector may vary occur depending upon the method of connection with the external network.
  • the first broadband interface unit 102 tunes only a specific channel frequency among groundwave (or terrestrial) A/V (Audio/Video) broadcast signals, which are transmitted through an antenna, or cable A/V broadcast signals, which are transmitted via in-band through a cable connected to the network connector 100 . Then, the first broadband interface unit 102 outputs the tuned signal to the demodulator 106 .
  • groundwave or terrestrial
  • A/V Audio/Video
  • the demodulation method performed by the demodulator 106 may also vary accordingly.
  • groundwave A/V broadcasting is modulated by VSB (Vestigial Sideband) Modulation and then transmitted
  • cable broadcasting is modulated by QAM (Quadrature Amplitude Modulation) and then transmitted. Therefore, if the channel frequency tuned by the first broadband interface unit 102 corresponds to groundwave broadcasting, the demodulator 106 performs demodulation using the VSB method. And, if the channel frequency tuned by the first broadband interface unit 102 corresponds to cable broadcasting, the demodulator 106 performs demodulation using the QAM method.
  • the second broadband interface unit 104 tunes only a specific frequency among cable A/V broadcast signals, which are transmitted via in-band through a cable connected to the network connector 100 and, then, outputs the tuned signal to the demodulator 106 .
  • the first broadband interface unit 102 and the second broadband interface unit 104 may be used for tuning signals of different channels, thereby transmitting the tuned signals to the demodulator 106 .
  • the second broadband interface unit 104 may tune a different A/V stream of the same channel as that of the first broadband interface unit 102 , thereby transmitting the tuned stream (or signal) to the demodulator 106 .
  • the first broadband interface unit 102 may tune a stream of a main picture
  • the second broadband interface unit 104 may tune a stream of a PIP (Picture in Picture).
  • image (or video) signals may be stored (or recorded) while viewing (or watching) an image (i.e., watch & record) by using the first broadband interface unit 102 and the second broadband interface unit 104 .
  • DVR Digital Video Recorder
  • the demodulator 106 demodulates the received signal and transmits the demodulated signal to the multiplexer 108 .
  • the multiplexer 108 may perform multiplexing on the signals inputted to the demodulator 106 and a IP to TS Decapsulator 118 and then output the multiplexed signals.
  • a main image which is tuned by the first broadband interface unit 102 and demodulated, may be multiplexed with a PIP image, which is tuned by the second broadband interface unit 104 and demodulated, thereby being outputted.
  • images of different channels may be multiplexed and outputted, or an image may be multiplexed with a signal outputted from the IP to TS decapsulator 118 , thereby being outputted.
  • the inputted signal is outputted to the demultiplexer 110 .
  • the signal outputted from the multiplexer 108 corresponds to a cable broadcast signal or an IPTV broadcast signal
  • the inputted signal is outputted to the demultiplexer 110 through a CableCARD 120 fixed in a slot.
  • the CableCARD 120 includes a Conditional Access (CA) system may also be referred to as a POD (Point Of Deployment) module.
  • CA Conditional Access
  • POD Point Of Deployment
  • the CableCARD 120 descrambles the corresponding broadcast signal and then outputs the descrambled signal to the demultiplexer 110 . If the CableCARD 120 is not mounted, the A/V broadcast signal outputted from the multiplexer 108 is directly outputted to the demultiplexer 110 . In this case, since the scrambled A/V broadcast signal cannot be descrambled, normal viewing of the image cannot be provided.
  • the demultiplexer 110 separates the inputted video signal and the inputted audio signal, thereby outputting the separated signals to the decoder 112 .
  • the decoder 112 recovers each of the A/V signals, which were respectively compressed by using a video decoding algorithm and an audio decoding algorithm, back to the initial state, thereby outputting the recovered signals for display.
  • the DVR (Digital Video Recorder) controller 126 , the content encryption unit 128 , the storage interface unit 130 , and the storage unit 132 each performs the role of storing the received digital data or playing-back (or reproducing) the stored data.
  • the DVR controller 126 is controlled so as to store image data (or video data) selected from the data outputted from the demultiplexer 110 or to playback (or reproduce) image data (or video data) selected from the stored data.
  • the content encryption unit 128 either encrypts and outputs the data that are to be stored or recovers the encrypted and stored data and outputs the recovered data.
  • the content encryption unit 128 may not be used.
  • the storage interface unit 130 performs an input and output interface with the storage unit 132 , and the storage unit 132 stores the inputted data.
  • the DCAS unit 124 may download and store conditional access systems (CASs) from a server of the transmitting end. Thereafter, the DCAS unit 124 may perform conditional access functions in accordance with a most suitable conditional access system among the stored conditional access systems.
  • the controller 122 controls the interface between the host and the CableCARD and also controls the data processing of the host.
  • the Ethernet NIC 114 receives an Ethernet frame packet being transmitted to a specific IP address and then transmits the received ethernet packet to the routing engine 116 .
  • the Ethernet NIC 114 may transmit data respective to two-way (or bi-directional) communication (e.g., charged program subscription, status information of the receiver, user input, and so on) from the routing engine 116 and may transmit the received data to an external network through the network connector 100 .
  • the specific address may correspond to the IP address of the host itself or the IP address of the CableCARD.
  • IPTV broadcast signals respective to an IP protocol, or VOD (Video On Demand) signals, or OOB (Out Of Band) message signals may be received through the Ethernet NIC 114 .
  • a DSG DOCSIS Set-top Gateway
  • OOB Out Of Band
  • a DOCSIS modem or an OOB tuner may be equipped within the host, so that the receiver can receive OOB messages.
  • one of the IP method and the OOB method may be used so as to receive the OOB messages, or one of the IP method, the DSG method, and the OOB method may be used so as to receive the OOB messages.
  • the receiver shown in FIG. 1 further requires an OOB modem, a demodulator, and so on.
  • the receiver shown in FIG. 1 further requires a DOCSIS modem, an OOB modem, a switching unit for selecting one of the DSG method and the OOB method, a demodulator for transmitting data to a head-end portion in accordance with each method, and so on.
  • the transmitting end decides which method to use and transmits the respective information to the CableCARD.
  • the CableCARD notifies the operation method to the host in accordance with the information decided by the transmitting end. In this case, the problem of backward compatibility may also be resolved.
  • the transmitting end should packetize the OOB messages and transmit the packetized OOB messages by using the IP.
  • messages such as conditional access system information may be received in packet formats identical to the VOD packets or the IPTV packets.
  • OOB messages are merely examples given in the description of the present invention. Therefore, depending upon the embodiment of the present invention, additionally required information other than the exemplary information mentioned above may be added. Alternatively, among the exemplary information mentioned above, unnecessary information may be excluded.
  • the TCP (Transmission Control Protocol)/IP (Internet Protocol) network unit 116 uses a TCP/IP-based network stack so as to route the received packet to the destination of the packet.
  • the routing engine 116 supports both TCP/IP and UDP (User Datagram Protocol).
  • the routing engine 116 routes the received VOD signal or IPTV broadcast signal to the IP to TS decapsulator 118 .
  • the IP to TS decapsulator 118 parses the received MPEG (Moving Picture Expert Groups)-based TP packets and outputs the parsed TP packets to the multiplexer 108 .
  • the operation processes after the multiplexer 108 have already been described above in detail. Since it is assumed, in the above-described example, that the broadcast signal is MPEG-based, the TP packet is received and packetized. However, in case a broadcast signal using a different standard is being received, a unit other than the TP packet unit may be used. Accordingly, the spirit and scope of the present invention will not be limited only to the terms used herein according to the embodiment of the present invention.
  • the OOB (Out Of Band) message which corresponds to one of the packets having the CableCARD as its destination, is routed by the routing engine 116 so as to be transmitted to the CableCARD 120 .
  • data may be transmitted to the CableCARD 120 via 2 nd layer routing or 3 rd layer routing.
  • the routing process may be performed by using a MAC (Media Access Control) address system of the destination included in the header of the received Ethernet frame.
  • the usage of the 2 nd layer routing or the 3 rd layer routing may vary depending upon the embodiment of the present invention. More specifically, depending upon the embodiment of the present invention, the 2 nd layer routing may be used, or the 3 rd layer routing may be used.
  • a data channel and an extended channel exist between the CableCARD and the host.
  • the data channel is set up so as to be capable of transmitting and receiving control signals between the host and the CableCARD
  • the extended channel corresponds to channel set up so as to receive and transmit actual data.
  • the extended channel corresponds to a CPU interface defined to transmit and receive between the host and the CableCARD. More specifically, the CableCARD performs the role of interpreting a command received from the transmitting end, after communicating with the transmitting end, and performs the role of executing the details directed by the transmitting end while communication with the host through the data channel and the extended channel. Alternatively, the CableCARD performs the role of delivering details inputted by the user to the transmitting end.
  • a transmission path corresponding to the data type defined between the CableCARD and the host should first be determined. This is referred to as Flow.
  • an MPEG section flow should first be determined between the CableCARD and the host. Thereafter, actual MPEG section data may be transmitted over the corresponding flow.
  • the flows within the extended channel may include an IP unicast (IP_U) flow, an IP multicast (IP_M) flow, a DSG flow, a maximum of 6 MPEG section flows, and so on.
  • IP_U IP unicast
  • IP_M IP multicast
  • DSG flow a transmission path corresponding to the data type defined between the CableCARD and the host
  • a maximum of 6 MPEG section flows may be transmitted over the corresponding flow.
  • eCM embedded Cable Modem
  • the host prior to setting up the communication operation mode of the host, or prior to transmitting and receiving OOB messages between the host and the CableCARD, the host should notify the network operation mode supporting information of the host to the CableCARD. Therefore, while the interface between the host and the CableCARD is being initialized, just as in the case of booting the host or having a card inserted in the host, the host transmits the network operation mode supporting information of the host to the CableCARD.
  • the secure booting process i.e., a secure boot process supported by a chip 210 includes:
  • the present invention relates to the 2 nd authentication step, which is devised to realize fast booting using a minimum booting time while ensuring maximum security of the device or system during the 2 nd authentication step.
  • each embodiment of the present invention may be applied to a firmware 240 , which is stored in a storage unit 200 of the corresponding system.
  • the storage unit 200 may include all types of storage means, such as flash memory, HDD (Hard disk drive), and so on.
  • FIG. 2 illustrates a secure booting method according to a first embodiment of the present invention.
  • a private key is used so as to generate a single digital signature with respect to all regions of a firmware 240 within a storage unit 200 . Thereafter, the generated digital signature is stored in a specific region 250 within the storage unit 200 .
  • a bootloader 220 having a public key respective to the private key performs an authentication procedure for the security of the corresponding firmware by reading the overall regions of the firmware 240 for each booting process and by comparing the read regions with the generated digital signature.
  • the bootloader 220 performs an authentication procedure each time the system is booted by reading the overall regions of the firmware 240 , thereby being capable of performing a perfect and complete system security check against any intrusion attempts by a hacker.
  • the authentication process is time-consuming (i.e., the authentication time is long). This eventually indicates that the booting time of the entire system becomes long as well. Therefore, in case the size of the firmware is large, if the authentication procedure is performed according to the first embodiment of the present invention, the authentication time increases, thereby prolonging the booting time of the entire system.
  • FIGS. 3 and 4 illustrate a secure booting method according to a second embodiment of the present invention.
  • the bootloader 220 reads the overall regions of the firmware 240 when performing an authentication procedure each time the system is booted, only one or more specific regions (hereinafter referred to as one or more interleaved portions) within the firmware are read, so as to perform authentication for a single digital signature, which is generated with respect to the entire firmware or generated with respect to the specific region(s).
  • FIG. 3 shows an example wherein only one interleaved portion exists in within the firmware
  • FIG. 4 shows an example wherein three interleaved portion exists in within the firmware.
  • one interleaved portion 310 is configured to have a size of 5MB in a region of a 15MB-sized offset position at the uppermost portion of the firmware 240 .
  • the bootloader 220 performs the authentication procedure by reading the region wherein only the interleaved portion 310 is located within the firmware 240 , thereby covering for the authentication of the entire firmware 240 .
  • first to third interleaved portions 410 , 420 , and 430 are respectively configured to have a size of 1MB in regions of 0MB, 10MB, and 20MB-sized offset positions with respect to the uppermost portion of the firmware 240 .
  • the bootloader 220 performs the authentication procedure by reading only the first to third interleaved portions 410 , 420 , and 430 within the firmware 240 , thereby covering for the authentication of the entire firmware 240 .
  • the size, offset position, and number of each interleaved portion within the firmware are all decided while collectively taking into account the system performance, the targeted authentication time and/or the targeted security level, and so on, of all devices. And, therefore, the present invention will not be limited only to the example shown in the accompanying drawings.
  • the booting time may be significantly reduced as compared to the method according to the first embodiment of the present invention.
  • the other regions that are not provided with the interleaved portions within the firmware 240 are more vulnerable to intrusion attempts of a hacker, the aspect of ensuring security against hacking attempts is less reliable and less secure as compared to the authentication method according to the first embodiment of the present invention.
  • FIG. 5 illustrates a secure booting method according to a third embodiment of the present invention
  • FIG. 6 illustrates a flow chart of a secure booting process shown in FIG. 5 .
  • a method of secure booting of a system in a digital broadcast receiver comprises aligning a plurality of interleaved portions to generate a digital signature, respectively, with an entire firmware image, generating a digital signature of each interleaved portion, selecting a specific interleaved portion, generating a first message digest to read a region of the selected interleaved portion in the entire firmware image and a second message digest from the digital signature of the selected interleaved portion and verifying the firmware image based on the first and second message digest and booting the system in the digital broadcast receiver.
  • the aspect of ensuring security against hacking attempts was more emphasized in the first embodiment of the present invention, and the aspect of the authentication time was more emphasized in the second embodiment of the present invention.
  • the first embodiment and the second embodiment of the present invention may be considered to be insufficient for ensuring security while performing fast booting. Therefore, hereinafter, embodiments of the present invention that can satisfy both aspects will be described in detail.
  • FIG. 5 the third embodiment of the present invention shown in FIG. 5 will be described sequentially and in detail with reference to FIG. 6 .
  • the entire firmware 240 is divided into N number of regions (or areas). Then, multiple interleaved portions (shown in FIG. 5 as interleaved portion A 510 , interleaved portion B 520 , and interleaved portion C 530 ) are generated, which are then adequately aligned in the N number of divided regions (S 601 ). More specifically, interleaved portions A to C are adequately aligned in each of the N number of regions, which divides the entire firmware 240 , in accordance with an alignment order decided by the system. For example, it is shown in FIG.
  • the value N may be decided while taking into consideration the characteristics of the corresponding system. Furthermore, the value N may be varied later on depending upon the progress in the usage of the firmware, firmware upgrade, and so on.
  • each region within the firmware 240 which is divided into N number of regions, may be identical to the size of the interleaved portion.
  • each of the interleaved portions may exist in each of the N number of regions, which is divided to cover the entire firmware.
  • the gap (or space) in-between the interleaved portions may be understood as the unused regions within the entire firmware.
  • a digital signature is generated for each of the multiple interleaved portions adequately aligned in the N number of regions, and the generated digital signatures 540 , 550 , 560 are respectively stored in predetermined regions (S 602 ).
  • the number of the generated digital signatures corresponds to the number of multiple interleaved portions, which is different from the methods according to the first and second embodiments of the present invention. Referring to FIG. 5 , interleaved portions A to C are adequately aligned in N number of regions, which covers the entire firmware 240 .
  • a total of 3 digital signatures 540 , 550 , 560 respective to each of the interleaved portions A to C (a digital signature for regions within the firmware having the interleaved portion A positioned therein, a digital signature for regions within the firmware having the interleaved portion B positioned therein, and a digital signature for regions within the firmware having the interleaved portion C positioned therein) are generated and stored.
  • the system selects an interleaved portion among the multiple interleaved portions (S 603 ).
  • the selection of the interleaved portion may be performed by using, for example, an equal probability selection method as a selection method for realizing true random selection.
  • an equal probability selection method as a selection method for realizing true random selection.
  • the present invention will not be limited only to the equal probability selection method.
  • a variety of other methods that can realize true random selection which prevents selection from being made in accordance with a consistent pattern, so as to minimize damage and loss caused by hacking intrusions, can be used, since such methods use the disclosed techniques, detailed description of the same will be omitted for simplicity.
  • step S 602 a hash is generated for a region of the selected interleaved portion, and the generated hash is compared with the digital signature for the selected interleaved portion (S 604 ).
  • the hash is an algorithm and an example for a message digest.
  • step S 604 Based upon the compared result of step S 604 , if a security compromise is detected, either the system is being intruded by a hacker, or the system is not fit for booting. Therefore, a boot code is corrected, or the digital signature for the boot code is corrected, so that the system booting procedure can no longer be continued (S 605 ). However, in the opposite case (if a security compromise is not detected), the system completes the secure booting procedure.
  • security status for the entire firmware against hacking intrusions may be verified. Additionally, since the entire firmware is not required to be read, fast booting may be realized as well.
  • a wide range of application schemes may be adopted depending upon the computing power of the system applying the present invention.
  • multiple interleaved portions are selected, so as to perform authentication in parallel for each of the interleaved portions, thereby increasing the detection rate of a modulated code without increasing the authentication time.
  • the authentication procedure may be performed in parallel for each region aligned in the interleaved portion A ( 3 portions are included in the interleaved portion A shown in FIG. 5 ), thereby reducing the authentication time.
  • FIG. 7 illustrates an exemplary file system according to the present invention
  • FIG. 8 illustrates a secure booting method using the characteristics of the file system shown in FIG. 7 .
  • a method of secure booting of a system in a digital broadcast receiver comprises dividing into a header part, a body part and a tailor part in an entire firmware image based on a file system, wherein the body part is aligned a plurality of interleaved portions to generate a digital signature, respectively, and the header and tailor part as a whole area includes all interleaved portions of the body part, generating a digital signature of each interleaved portion, selecting a specific interleaved portion, generating a first message digest to read any one of the header and tailor part in the entire firmware image and a second message digest from the digital signature of the selected interleaved portion and verifying the firmware image based on the first and second message digest and booting the system in the digital broadcast receiver.
  • the header and tailor part is updated if any interleaved portion of the body part is modified.
  • the device is equipped within a unique file system.
  • FIG. 7 shows an exemplary layout of a Squash File System as an example of the unique file system for simplicity.
  • the squash file system is configured by including a header part 710 referred to as a super block, a body part 720 including datablocks and fragments, and a tailor part 730 including an mode table, a directory table, a fragment table, an export table, and a uid/gid table.
  • the data of the header part 710 is modified or updated. More specifically, any change in the datablocks or fragments may be known by using the header part 710 .
  • FIG. 8 seeks to refer to the characteristics of the squash file system shown in FIG. 7 and to use such characteristics in the secure booting method.
  • the overall regions of the firmware 240 is divided into a super block region (hereinafter referred to as a header part) 810 , a datablock region (hereinafter referred to as a body part) 820 , and mode table, directory table, fragment table, export table, uid/gid table regions (hereinafter referred to as a tailor part) 830 .
  • the entire body part 820 may be divided into N number of regions, and multiple interleaved portions (e.g., interleaved portions A, B, and C in FIG. 8 ) may be adequately aligned with respect to the entire body part 820 , which is divided into N number of regions.
  • FIG. 8 shows an example wherein the interleaved portions A, B, and C are sequentially aligned in the body part 820 in the order of C-B-A-C-A-B-C-B-C-B.
  • interleaved portions A, B, and C are all included in the header part 810 and the tailor part 830 .
  • the header part 810 or the tailor part 830 is always included. And, even if only one region of the header part 810 or the tailor part 830 is authenticated, since information on any modification or change in the body part 820 is updated to the header part 810 or the tailor part 830 , system security may be ensured while realizing fast booting. Therefore, in case a hacker directly intrudes and modulates the header part 810 or the tailor part 830 , such intrusion and modulation may be immediately detected. And, even if the hacker intrudes and modulates a portion of the body part 820 , since such information is reflected to at least one of the header part 810 and the tailor part 830 , such intrusion and modulation may also be detected.
  • any security compromise that may occur in the file system of the device may be effectively prevented.
  • FIG. 9 illustrates a flow chart showing an exemplary operation flow of the secure booting method according to the present invention.
  • FIG. 9 uses a PKI (Public Key Infrastructure)-based algorithm as an electronic signature method, and, in an embedded environment, in order to reduce the calculation amount (time) of the PKI algorithm, a message digest algorithm is additionally used.
  • PKI Public Key Infrastructure
  • the CPU 122 of FIG. performs the operation flow shown in FIG. 9 . More specifically, each time the system is booted, the CPU 122 randomly selects an arbitrary interleaved portion among the multiple interleaved portions (S 901 ) and, then, reads pre-defined sizes of the selected interleaved portion from each position within a storage unit 132 designated by the selected interleaved portion (S 902 ), so as to load the read interleaved portion to the memory, thereby performing message digest (S 903 ).
  • the CPU 122 reads Digital Signature information corresponding to a selected interleaved portion (S 904 ) from the Storage unit 132 (S 905 ), so as to load the read Digital Signature information to the memory, and also reads Public Key information of the Bootloader 220 from the Storage unit, so as to load the read Public Key information to the memory. Thereafter, the read Digital Signature information is decrypted by using the read Public Key information of the Bootloader 220 (S 906 ).
  • the CPU 122 compares a value outputted from the decryption process with a value outputted from the message digest process (S 907 ). And, if the two values are equal to one another, the booting procedure is resumed (S 908 ) (i.e., booting is successful). And, if the two values are different from one another, the booting procedure is stopped (S 909 ). Furthermore, by using a method of deleting or modifying the boot code, or by using a method of deleting or modifying the Digital Signature for the boot code, booting of the system may be permanently disabled (i.e., the system may be permanently unbootable).
  • FIG. 10 illustrates an example of an entire firmware image being stored in a storage unit as a binary image according to the present invention
  • FIG. 11 illustrates an example of a plurality of applications, which are stored in the device, being classified as a plurality of partitions (a plurality of binaries) and stored in the storage unit according to the present invention
  • FIG. 12 illustrates an example of dividing fragments only for a Used Area of each partition according to the present invention.
  • a method of secure booting of a system in a digital broadcast receiver comprises aligning a plurality of fragments to generate a digital signature, respectively, with each partition in an entire firmware image, wherein the partition is used to an application and is consisted of a different binary image, respectively, generating a digital signature of each fragment, selecting a specific fragment, generating a first message digest to read an area of the selected fragment in each partition and a second message digest from the digital signature of the selected fragment and verifying the firmware image based on the first and second message digest and booting the system in the digital broadcast receiver.
  • Applications that are stored in a storage unit of the may be configured as a single partition and used and, whenever required, the applications may also be divided into a plurality of partitions and used.
  • FIG. 10 and FIG. 11 may be collectively used.
  • the entire applications are configured as a single binary image, which may correspond to an efficient structure for continuously storing the corresponding binary image without being interrupted by unused areas, when the binary image is being stored in the storage unit.
  • a plurality of fragments correspond to the interleaved portion in FIG. 5 are aligned with the storage unit. Accordingly, the verification is processed as similarly FIG. 2 .
  • FIG. 11 is efficient for a case wherein multiple applications are configured as binary images each different from one another, thereby being divided into multiple partitions and stored within the storage unit.
  • FIG. 12 corresponds to a method of using the method of FIG. 10 in a structure shown in FIG. 11 , wherein only the used area (or regions) of each partition are divided into multiple fragments.
  • the method of FIG. 5 is applied only for the Used Area of each partition.
  • the entire firmware is read so that the entire firmware can be authenticated without having to load the read information to the memory.
  • each partition may be identified by using N number of fragments 1210 , 1220 and 1230 or 1240 , 1250 and 1260 .
  • the system may be able to know a start offset and used size of each partition during a Running Time of the system, and N is a pre-fixed value.
  • the fragment that is to be read uses the start offset and N value information so as to be capable of reading the required (or necessary) parts.
  • the unused area shown in FIGS. 11 and 12 are not required to be read and loaded to the memory, and the Digital Signature for the unused area is not required to be calculated. More specifically, the Authentication process for the unused area may be omitted. Accordingly, the authentication time for the entire firmware may be reduced, and, by preventing the value N from excessively increasing, an optimal N value may be set up, thereby further enhancing the efficiency of the authentication process.
  • FIG. 13 illustrates a secure booting method according to a fifth embodiment of the present invention.
  • FIG. 13 illustrates an example of a firmware having the method of FIG. 12 applied thereto.
  • M number of unused areas 1320 , 1340 and k number of partitions of used areas 1310 , 1330 used by the applications exist within the entire firmware.
  • N number of fragments is aligned so as to cover the entire region of the corresponding partition.
  • the number of fragments N may either be the same in each partition, or may be different from one another depending upon the size of each partition.
  • the fragments 1312 , 1314 and 1316 or 1332 , 1334 and 1336 may either have the same alignment order in all of the partitions, or the fragments may have a different alignment order for each partition.
  • a digital signature 1352 , 1354 and 1356 is generated with respect to each of the n number of fragments and then stored.
  • the secure booting method according to the fifth embodiment of the present invention may ensure secure booting while reducing a significant amount of authentication time.
  • FIG. 14 illustrates a secure booting method according to a sixth embodiment of the present invention.
  • the sixth embodiment of the present invention is similar to the above-described fifth embodiment of the present invention. Therefore, reference will be made to the identical parts, or the direct citations will be made on the common parts. Therefore, only the different parts will be described in the following description.
  • partitions 3 and 5 small partitions
  • a digital signature 1432 , 1434 may be individually generated for each small partition, or a single digital signature may be generated for a plurality of small partitions.
  • the size of a small partition and the authentication process for the small partition are decided based upon a standard pre-decided by the system. And, default settings may be made on the small partitions decided as described above, so that the entire region (or area) of the corresponding small partitions is read and authenticated.
  • FIG. 15 illustrates a secure booting method according to a seventh embodiment of the present invention
  • FIG. 16 illustrates a secure booting method according to an eighth embodiment of the present invention.
  • a method of secure booting of a system in a digital broadcast receiver comprises aligning a plurality of fragments to generate a digital signature, respectively, with a first partition and a second partition to be verified a whole area in an entire firmware image, wherein each first partition is used to an application and is consisted of a different binary image, respectively, generating a digital signature of each fragment and the second partition, selecting a specific fragment, generating a first message digest to read an area of the selected fragment in the first partition and the second partition, and a second message digest from the digital signature of the selected fragment and the second partition and verifying the firmware image based on the first and second message digest and booting the system in the digital broadcast receiver.
  • the secure booting method according to the seventh embodiment of the present invention shown in FIG. 15 corresponds to a combined concept of the fourth and fifth embodiments of the present invention
  • the secure booting method according to the eighth embodiment of the present invention shown in FIG. 16 corresponds to a combined concept of the fourth and sixth embodiments of the present invention.
  • the firmware is divided into a plurality of partitions 1510 and 1520 , as described in the fifth embodiment of the present invention. And, unlike in the fifth embodiment of the present invention, when each partition uses multiple fragments 1512 , 1514 and 1516 , the concept of the squash file system is used, as described in the fourth embodiment of the present invention.
  • the firmware is divided into a plurality of partitions, including small partitions 1610 and 1620 , as described in the sixth embodiment of the present invention.
  • the entire area of each small partition is read and authenticated, and the concept of the squash file system is used in the remaining partitions, as described in the fourth embodiment of the present invention.
  • the squash file system is divided into a header part, a body part, and a tailor part, and the squash file system may be configured so that all of the fragments are included in the header part and the tailor part. Accordingly, by reading only the header and tailor parts and by loading the read header and tailor parts to the memory, security may be ensured for the authentication of the entire region of the corresponding partition, and the authentication time may be reduced significantly.
  • the concept of the squash file system is applied in a specific partition, as described in the fourth embodiment of the present invention, and secure booting may be performed by using multiple partitions on the entire region of the corresponding partition, as described in the third embodiment of the present invention. This may be applied in the system after deciding an efficient structure of the system based upon the security issue and authentication time for the corresponding system.
  • the squash file system of FIG. 7 when hacking attempts are being made on each datablock, only the corresponding block may be affected by the hacking attempts.
  • firmware images are essentially compressed in the squash file system
  • the compressed files i.e., the size and offset of the datablock may be modified. Accordingly, such modifications are evidently reflected to the header part or the tailor part, thereby enabling the system to detect any modulation on the respective firmware image.
  • FIG. 17 illustrates a flow chart showing another exemplary operation flow of the secure booting method according to the present invention.
  • FIG. 17 is nearly identical to the above-described operation flow shown in FIG. 9 .
  • the CPU 122 of FIG. When the system is being booted, the CPU 122 of FIG. performs the operation flow shown in FIG. 17 . More specifically, each time the system is booted, the CPU 122 randomly selects at least one fragment from a plurality of fragments (S 1701 ) and, then, reads the selected fragment from each partition (S 1702 ), so as to load the read fragment to the memory, thereby performing message digest (S 1703 ).
  • the CPU 122 reads Digital Signature information corresponding to the selected fragment (S 1704 ) from the Storage unit, so as to load the read Digital Signature information to the memory, and also reads Public Key information of the Bootloader 220 from the Storage unit, so as so as to load the read Public Key information to the memory. Thereafter, the read Digital Signature information is decrypted by using the read Public Key information of the Bootloader 220 (S 1705 ).
  • the CPU 122 compares a value outputted from the decryption process with a value outputted from the message digest process (S 1706 ). And, if the two values are equal to one another, the booting procedure is resumed (S 1707 ) (i.e., booting is successful). And, if the two values are different from one another, the booting procedure is stopped (S 1708 ). Furthermore, by using a method of deleting or modifying the boot code, or by using a method of deleting or modifying the Digital Signature for the boot code, booting of the system may be permanently disabled (i.e., system may be permanently unbootable).
  • the above-described operation flows shown in FIG. 6 or FIG. 9 or FIG. 17 may be performed only once, or, when tighter security is required depending upon the security level, the same operation flow may be repeatedly performed, or the above-described operation flow may be repeatedly performed on other interleaved portions or fragments, thereby ensuring a higher level of security.
  • each of the above-described embodiments of the present invention is applied in the system shown in FIG. 1 .
  • the CPU includes all of a secure processor, a micro processor, and a security-specific chip 210 realizing a security function with an HW
  • a memory includes all of a secure processor, a micro processor, and a security-specific chip 210 realizing a security function with an HW
  • a memory includes all of a secure processor, a micro processor, and a security-specific chip 210 realizing a security function with an HW
  • a memory includes all of a secure processor, a micro processor, and a security-specific chip 210 realizing a security function with an HW
  • a memory includes all of a secure processor, a micro processor, and a security-specific chip 210 realizing a security function with an HW
  • a storage unit storage units including HDD or flash memory
  • each embodiment of the present invention may be applied to any type of system that seeks to adopt the secure booting method in order to protect the
  • the authentication time may be minimized while ensuring a maximum level of security of the system during the booting process. And, by reducing the booting time, user convenience may be enhanced, and the system may be capable of responding more quickly to the user's requests. Additionally, the efficiency of the entire system may be enhanced while maintaining backward compatibility with the conventional system. Furthermore, in addition to secure booting, the method according to the present invention may be applied in diverse fields that require ensured security and reduced authentication time.

Abstract

A digital broadcast receiver and a booting method of the digital broadcast receiver are disclosed herein. A method of secure booting of a system in a digital broadcast receiver comprises aligning a plurality of interleaved portions to generate a digital signature, respectively, with an entire firmware image, generating a digital signature of each interleaved portion, selecting a specific interleaved portion, generating a first message digest to read a region of the selected interleaved portion in the entire firmware image and a second message digest from the digital signature of the selected interleaved portion and verifying the firmware image based on the first and second message digest and booting the system in the digital broadcast receiver.

Description

  • This application claims the benefit of U.S. Provisional Application No. 61/266,522, filed on Dec. 4, 2009, which is hereby incorporated by reference as if fully set forth herein. Also, this application further claims the benefit of U.S. Provisional Application No. 61/290,893, filed on Dec. 30, 2009, which is hereby incorporated by reference as if fully set forth herein.
    • BACKGROUND OF THE INVENTION
  • 1. Field of the Invention
  • The present invention relates to a digital broadcast receiver and a booting method of the digital broadcast receiver and, most particularly, to a digital broadcast receiver and a booting method of the digital broadcast receiver that can perform fast booting while ensuring maximum system security.
  • 2. Discussion of the Related Art
  • With the remarkable evolution in the digital technology, digitalization is being accelerated not only in general households but also throughout the entire industry. However, such evolution in digital technology has brought about a wide range of advantages as well as disadvantages (or side effects). For example, hacking may correspond to one of the main side effects. Unlike in the analog era, due to the unlimited provision of time and space in the digital era, the number of hacking attempts is increasing, and such attempts are causing a considerable amount of damage and loss. With the recent introduction and increasing supply of smart phones and smart TVs, hacking attempts are becoming more frequent and constant in the industrial work fields as well as general households or personal digital devices.
  • When the power of a digital device is turned on, a booting process of the device is executed. The booting process also includes a system security checking process, which verifies whether or not a security breach (or compromise) or hacking attempt has occurred in the corresponding digital device. The major issues in the recent digital devices include the above-described security issue and also the issue on how to reduce the booting time.
  • In conclusion, digital devices require to be ensured with minimized booting time as well as maximum security. However, there are limitations in resolving such problems and satisfying the associated requirements by simply enhancing the performance of a CPU (Central Processing Unit) included in the digital devices. Furthermore, if either one of the security issue and the booting issue is reinforced and enhanced, there is a problem of having to abandon the improvement of the other issue.
    • SUMMARY OF THE INVENTION
  • Accordingly, the present invention is directed to provide a digital broadcast receiver and a booting method of the digital broadcast receiver that substantially obviate one or more problems due to limitations and disadvantages of the related art.
  • Another object of the present invention is to provide a method and device that can reduce a booting time while ensuring system security.
  • A further object of the present invention is to provide a method and device that can enhance the efficiency of the overall system while maintaining backward compatibility with the conventional system.
  • Additional advantages, objects, and features of the invention will be set forth in part in the description which follows and in part will become apparent to those having ordinary skill in the art upon examination of the following or may be learned from practice of the invention. The objectives and other advantages of the invention may be realized and attained by the structure particularly pointed out in the written description and claims hereof as well as the appended drawings.
  • To achieve these objects and other advantages and in accordance with the purpose of the invention, as embodied and broadly described herein, according to an embodiment of the present invention, a method of secure booting of a system in a digital broadcast receiver comprises aligning a plurality of interleaved portions to generate a digital signature, respectively, with an entire firmware image; generating a digital signature of each interleaved portion; selecting a specific interleaved portion; generating a first message digest to read a region of the selected interleaved portion in the entire firmware image and a second message digest from the digital signature of the selected interleaved portion; and verifying the firmware image based on the first and second message digest and booting the system in the digital broadcast receiver.
  • According to another embodiment of the present invention, a method of secure booting of a system in a digital broadcast receiver comprises dividing into a header part, a body part and a tailor part in an entire firmware image based on a file system, wherein the body part is aligned a plurality of interleaved portions to generate a digital signature, respectively, and the header and tailor part as a whole area includes all interleaved portions of the body part; generating a digital signature of each interleaved portion; selecting a specific interleaved portion; generating a first message digest to read any one of the header and tailor part in the entire firmware image and a second message digest from the digital signature of the selected interleaved portion; and verifying the firmware image based on the first and second message digest and booting the system in the digital broadcast receiver.
  • According to yet another embodiment of the present invention, a digital broadcast receiver of secure booting of a system comprises a controller configured to control to align a plurality of interleaved portions to generate a digital signature, respectively, with an entire firmware image, and generate a digital signature of each interleaved portion, the controller further configured to control to select a specific interleaved portion, generate a first message digest to read one or more regions of the selected interleaved portion in the entire firmware image and a second message digest from the digital signature of the selected interleaved portion, and verify the firmware image based on the first and second message digest and boot the system in the digital broadcast receiver.
  • According to a further embodiment of the present invention, a digital broadcast receiver of secure booting of a system comprises a controller configured to control to divide into a header part, a body part and a tailor part in an entire firmware image based on a file system, wherein the body part is aligned a plurality of interleaved portions to generate a digital signature, respectively, and the header and tailor part as a whole area includes all interleaved portions of the body part, and generate a digital signature of each interleaved portion, the controller further configured to select a specific interleaved portion, generate a first message digest to read any one of the header and tailor part in the entire firmware image and a second message digest from the digital signature of the selected interleaved portion, and verify the firmware image based on the first and second message digest and boot the system in the digital broadcast receiver.
  • It is to be understood that both the foregoing general description and the following detailed description of the present invention are exemplary and explanatory and are intended to provide further explanation of the invention as claimed.
    • BRIEF DESCRIPTION OF THE DRAWINGS
  • The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the invention and together with the description serve to explain the principle of the invention. In the drawings:
  • FIG. 1 illustrates a block view showing an exemplary structure of a digital television receiver according to the present invention;
  • FIG. 2 illustrates a secure booting method according to a first embodiment of the present invention;
  • FIGS. 3 and 4 illustrate a secure booting method according to a second embodiment of the present invention;
  • FIG. 5 illustrates a secure booting method according to a third embodiment of the present invention;
  • FIG. 6 illustrates a flow chart of a secure booting process shown in FIG. 5;
  • FIG. 7 illustrates an exemplary file system according to the present invention;
  • FIG. 8 illustrates a secure booting method using the characteristics of the file system shown in FIG. 7;
  • FIG. 9 illustrates a flow chart showing an exemplary operation flow of the secure booting method according to the present invention;
  • FIG. 10 illustrates an example of an entire firmware image being stored in a storage unit as a binary image according to the present invention;
  • FIG. 11 illustrates an example of a plurality of applications, which are stored in the device, being classified as a plurality of partitions (a plurality of binaries) and stored in the storage unit according to the present invention;
  • FIG. 12 illustrates an example of dividing fragments only for a Used Area of each partition according to the present invention;
  • FIG. 13 illustrates a secure booting method according to a fifth embodiment of the present invention;
  • FIG. 14 illustrates a secure booting method according to a sixth embodiment of the present invention;
  • FIG. 15 illustrates a secure booting method according to a seventh embodiment of the present invention;
  • FIG. 16 illustrates a secure booting method according to an eighth embodiment of the present invention; and
  • FIG. 17 illustrates a flow chart showing another exemplary operation flow of the secure booting method according to the present invention.
    •  DETAILED DESCRIPTION OF THE INVENTION
  • Reference will now be made in detail to the preferred embodiments of the present invention, examples of which are illustrated in the accompanying drawings. Wherever possible, the same reference numbers will be used throughout the drawings to refer to the same or like parts.
  • Hereinafter, various embodiments of the present invention will be described in detail with reference to the accompanying drawings.
  • The present invention relates to a digital broadcast receiver and a booting method of the digital broadcast receiver and, most particularly, to a digital broadcast receiver and a booting method of the digital broadcast receiver that can perform fast booting while ensuring maximum system security.
  • In the following description of the present invention, in order to facilitate and simplify the understanding of the present invention, a secure booting method will be given as an example of the booting method. Additionally, a digital television receiver that can process digital television signals being transmitted through diverse media will be given as an example of the digital broadcast receiver. However, the present invention will not be limited only to the above-mentioned examples. And, therefore, examples of the digital broadcast receiver according to the present invention may include all types of system that can perform secure booting, including embedded systems, such as smart phones, satellite Direct TVs, smart TVs, IPTVs, set-top boxes providing VOD services, and so on. It is to be understood that the scope and spirit of the present invention will not be limited only to the embodiments of the present invention that will be described in detail hereinafter. It will also be apparent that the principles for resolving the problems of the present invention may be applied to all applicable fields by using the same or similar methods introduced herein.
  • In the following description of the present invention, ‘secure boot’ or ‘secure booting’ will be used, not as the booting process applied in the related art embedded system, but as a collective term of a booting process for realizing fast booting while ensuring maximum system security according to each of the following embodiments of the present invention.
    • Digital Broadcast Receiver
  • FIG. 1 illustrates a block view showing an exemplary structure of a digital television receiver according to the present invention.
  • FIG. 1 illustrates a digital television receiver as an example of a system, wherein the secure booting method according to the following embodiments of the present invention can be applied.
  • After performing security check and booting of the system by using the secure booting method according to any one of the embodiments of the present invention, the digital television receiver according to the present invention receives a digital television signal and an IP packet including the digital television signal through an antenna and a cable and, then, processes the received digital television signal and IP packet. Also, as a means for protecting the transmitted contents, the digital television receiver may adopt Conditional Access, Content Protection, and so on. In order to do so, the digital television receiver may use a CableCARD, a DCAS (Downloadable Conditional Access System), and so on, as examples of Conditional Access, Content Protection, and so on. The usage of the CableCARD or the DCAS is an option that can be selected by the service provider that provides the requested services. And, in case the CableCARD or the DCAS is used in the receiver, the service provider communicating with the receiver should also use the same system.
  • Hereinafter, each element configuring the digital television receiver will be described in detail. Since the secure booting method will be described in a later process, a detailed description of the same will be omitted in this portion of the description.
  • FIG. 1 illustrates a digital television receiver configured to receiver IP-based IPTV services, cable broadcasting, terrestrial (or groundwave) broadcasting, satellite broadcasting, and so on. However, depending upon the embodiment of the receiver shown in FIG. 1, the digital television receiver may receive and process only IPTV services or receive and process cable broadcasting. Furthermore, depending upon the embodiment of the digital broadcast receiver, each element of FIG. 1 may be referred to by using different terms.
  • The receiver of FIG. 1 broadly consists of a host and a CableCARD. The host includes a network modem 100, a first broadband interface unit 102, a second broadband interface unit 104, a demodulator 106, a multiplexer 108, a demultiplexer 110, a decoder 112, an ethernet NIC (Network Interface Card) (an IP physical interface unit) 114, a TCP/IP network unit (routing engine) 116, a IP to TS decapsulator 118, a controller 122, a DCAS (Downloadable CAS) unit 124, a DVR (Digital Video Recorder) controller 126, a content encryption unit 128, a storage interface unit 130, and a storage unit 132. The CableCARD 120 may correspond to a Single stream card that can process only one stream or may correspond to a Multistream card that can process multiple streams at the same time.
  • The receiver corresponds to an open-cable type, wherein a CableCARD including the Conditional Access (CA) system is detached (or separated) from the main body. The CableCARD is also referred to as a POD (Point Of Deployment) module. And, herein, the CableCARD is detachably fixed to a main body slot of the receiver. Additionally, the main body in which the CableCARD is inserted is referred to as a host. In other words, the CableCARD and the host are collectively referred to as the receiver. A network connector 140 performs the role of connecting an external network with a receiver. For example, the network connector 140 may connect an external IP network with the receiver. For example, when a MoCA (Multimedia Over Coax Alliance) is used, an IP-based network may be built within a coaxial cable network so as to perform connection. Alternatively, connection may be made with an external network by using a DOCSIS modem, or connection may be made with an external network by using a wireless (or radio) relay station, which performs connection with a wireless Internet network, or by using a wired relay station, such as wired ADSL relay station, which performs connection with a wired Internet network. However, the connection with the external network is merely exemplary. And, therefore, the type of network connector may vary occur depending upon the method of connection with the external network.
  • The first broadband interface unit 102 tunes only a specific channel frequency among groundwave (or terrestrial) A/V (Audio/Video) broadcast signals, which are transmitted through an antenna, or cable A/V broadcast signals, which are transmitted via in-band through a cable connected to the network connector 100. Then, the first broadband interface unit 102 outputs the tuned signal to the demodulator 106.
  • At this point, since the transmission method of groundwave broadcasting is different from the transmission method of cable broadcasting, the demodulation method performed by the demodulator 106 may also vary accordingly. For example, groundwave A/V broadcasting is modulated by VSB (Vestigial Sideband) Modulation and then transmitted, and cable broadcasting is modulated by QAM (Quadrature Amplitude Modulation) and then transmitted. Therefore, if the channel frequency tuned by the first broadband interface unit 102 corresponds to groundwave broadcasting, the demodulator 106 performs demodulation using the VSB method. And, if the channel frequency tuned by the first broadband interface unit 102 corresponds to cable broadcasting, the demodulator 106 performs demodulation using the QAM method.
  • The second broadband interface unit 104 tunes only a specific frequency among cable A/V broadcast signals, which are transmitted via in-band through a cable connected to the network connector 100 and, then, outputs the tuned signal to the demodulator 106.
  • The first broadband interface unit 102 and the second broadband interface unit 104 may be used for tuning signals of different channels, thereby transmitting the tuned signals to the demodulator 106. Alternatively, the second broadband interface unit 104 may tune a different A/V stream of the same channel as that of the first broadband interface unit 102, thereby transmitting the tuned stream (or signal) to the demodulator 106. For example, the first broadband interface unit 102 may tune a stream of a main picture, and the second broadband interface unit 104 may tune a stream of a PIP (Picture in Picture). And, in case of storing a digital image (or video) signal by using a DVR (Digital Video Recorder), image (or video) signals may be stored (or recorded) while viewing (or watching) an image (i.e., watch & record) by using the first broadband interface unit 102 and the second broadband interface unit 104.
  • The demodulator 106 demodulates the received signal and transmits the demodulated signal to the multiplexer 108. The multiplexer 108 may perform multiplexing on the signals inputted to the demodulator 106 and a IP to TS Decapsulator 118 and then output the multiplexed signals. For example, a main image, which is tuned by the first broadband interface unit 102 and demodulated, may be multiplexed with a PIP image, which is tuned by the second broadband interface unit 104 and demodulated, thereby being outputted. Furthermore, depending upon the embodiment of the present invention, images of different channels may be multiplexed and outputted, or an image may be multiplexed with a signal outputted from the IP to TS decapsulator 118, thereby being outputted.
  • If the signal outputted from the multiplexer 108 corresponds to a groundwave broadcast signal, the inputted signal is outputted to the demultiplexer 110. And, if the signal outputted from the multiplexer 108 corresponds to a cable broadcast signal or an IPTV broadcast signal, the inputted signal is outputted to the demultiplexer 110 through a CableCARD 120 fixed in a slot. Herein, in order to prevent duplication of high value-added broadcast contents and to allow limited (or conditional) access of the high value-added broadcast contents, the CableCARD 120 includes a Conditional Access (CA) system may also be referred to as a POD (Point Of Deployment) module. More specifically, if the received broadcast signal is scrambled, the CableCARD 120 descrambles the corresponding broadcast signal and then outputs the descrambled signal to the demultiplexer 110. If the CableCARD 120 is not mounted, the A/V broadcast signal outputted from the multiplexer 108 is directly outputted to the demultiplexer 110. In this case, since the scrambled A/V broadcast signal cannot be descrambled, normal viewing of the image cannot be provided.
  • The demultiplexer 110 separates the inputted video signal and the inputted audio signal, thereby outputting the separated signals to the decoder 112. The decoder 112 recovers each of the A/V signals, which were respectively compressed by using a video decoding algorithm and an audio decoding algorithm, back to the initial state, thereby outputting the recovered signals for display.
  • The DVR (Digital Video Recorder) controller 126, the content encryption unit 128, the storage interface unit 130, and the storage unit 132 each performs the role of storing the received digital data or playing-back (or reproducing) the stored data. Depending upon the control of the controller 122, the DVR controller 126 is controlled so as to store image data (or video data) selected from the data outputted from the demultiplexer 110 or to playback (or reproduce) image data (or video data) selected from the stored data. The content encryption unit 128 either encrypts and outputs the data that are to be stored or recovers the encrypted and stored data and outputs the recovered data. Depending upon the embodiment of the present invention, the content encryption unit 128 may not be used.
  • The storage interface unit 130 performs an input and output interface with the storage unit 132, and the storage unit 132 stores the inputted data.
  • The DCAS unit 124 may download and store conditional access systems (CASs) from a server of the transmitting end. Thereafter, the DCAS unit 124 may perform conditional access functions in accordance with a most suitable conditional access system among the stored conditional access systems. The controller 122 controls the interface between the host and the CableCARD and also controls the data processing of the host.
  • Among the signals received through the network connector 100, the Ethernet NIC 114 receives an Ethernet frame packet being transmitted to a specific IP address and then transmits the received ethernet packet to the routing engine 116. Alternatively, the Ethernet NIC 114 may transmit data respective to two-way (or bi-directional) communication (e.g., charged program subscription, status information of the receiver, user input, and so on) from the routing engine 116 and may transmit the received data to an external network through the network connector 100. The specific address may correspond to the IP address of the host itself or the IP address of the CableCARD.
  • In case of the receiver shown in FIG. 1, IPTV broadcast signals respective to an IP protocol, or VOD (Video On Demand) signals, or OOB (Out Of Band) message signals may be received through the Ethernet NIC 114. In case of the conventional cable broadcasting, a DSG (DOCSIS Set-top Gateway) method or an OOB (Out Of Band) method may be used, so as to received OOB messages, such as SI (System Information), EAS (Emergency Alert System), XAIT (eXtended Application Information Table), conditional access system information, various CableCARD control information, and so on.
  • In case of the receiver shown in FIG. 1, a DOCSIS modem or an OOB tuner may be equipped within the host, so that the receiver can receive OOB messages. For example, one of the IP method and the OOB method may be used so as to receive the OOB messages, or one of the IP method, the DSG method, and the OOB method may be used so as to receive the OOB messages.
  • In case of receiving OOB messages by using one of the IP method and the OOB method, the receiver shown in FIG. 1 further requires an OOB modem, a demodulator, and so on. And, in case of receiving OOB messages by using one of the IP method, the DSG method, and the OOB method, the receiver shown in FIG. 1 further requires a DOCSIS modem, an OOB modem, a switching unit for selecting one of the DSG method and the OOB method, a demodulator for transmitting data to a head-end portion in accordance with each method, and so on.
  • And, as described above, in case of using all of the IP method, the conventional DSG method, and the OOB method, or in case of using the IP method and the OOB method, while excluding the DSG method, the transmitting end decides which method to use and transmits the respective information to the CableCARD.
  • The CableCARD notifies the operation method to the host in accordance with the information decided by the transmitting end. In this case, the problem of backward compatibility may also be resolved.
  • In the description of the receiver of FIG. 1, instead of the DSG method using the DOCSIS modem or the OOB method using the OOB tuner, the case of receiving OOB messages through the Ethernet NIC 114 using the IP will be mainly described for simplicity. In this case, the transmitting end should packetize the OOB messages and transmit the packetized OOB messages by using the IP. In case of VOD broadcasting or IPTV broadcasting, messages such as conditional access system information may be received in packet formats identical to the VOD packets or the IPTV packets.
  • However, the OOB messages are merely examples given in the description of the present invention. Therefore, depending upon the embodiment of the present invention, additionally required information other than the exemplary information mentioned above may be added. Alternatively, among the exemplary information mentioned above, unnecessary information may be excluded.
  • The TCP (Transmission Control Protocol)/IP (Internet Protocol) network unit 116 uses a TCP/IP-based network stack so as to route the received packet to the destination of the packet. The routing engine 116 supports both TCP/IP and UDP (User Datagram Protocol).
  • The routing engine 116 routes the received VOD signal or IPTV broadcast signal to the IP to TS decapsulator 118. The IP to TS decapsulator 118 parses the received MPEG (Moving Picture Expert Groups)-based TP packets and outputs the parsed TP packets to the multiplexer 108. The operation processes after the multiplexer 108 have already been described above in detail. Since it is assumed, in the above-described example, that the broadcast signal is MPEG-based, the TP packet is received and packetized. However, in case a broadcast signal using a different standard is being received, a unit other than the TP packet unit may be used. Accordingly, the spirit and scope of the present invention will not be limited only to the terms used herein according to the embodiment of the present invention.
  • The OOB (Out Of Band) message, which corresponds to one of the packets having the CableCARD as its destination, is routed by the routing engine 116 so as to be transmitted to the CableCARD 120. In case of routing the OOB message to the CableCARD 120, data may be transmitted to the CableCARD 120 via 2nd layer routing or 3rd layer routing. In case of using the 2nd layer routing, the routing process may be performed by using a MAC (Media Access Control) address system of the destination included in the header of the received Ethernet frame. The usage of the 2nd layer routing or the 3rd layer routing may vary depending upon the embodiment of the present invention. More specifically, depending upon the embodiment of the present invention, the 2nd layer routing may be used, or the 3rd layer routing may be used.
  • A data channel and an extended channel exist between the CableCARD and the host. The data channel is set up so as to be capable of transmitting and receiving control signals between the host and the CableCARD, and the extended channel corresponds to channel set up so as to receive and transmit actual data. The extended channel corresponds to a CPU interface defined to transmit and receive between the host and the CableCARD. More specifically, the CableCARD performs the role of interpreting a command received from the transmitting end, after communicating with the transmitting end, and performs the role of executing the details directed by the transmitting end while communication with the host through the data channel and the extended channel. Alternatively, the CableCARD performs the role of delivering details inputted by the user to the transmitting end.
  • At this point, in order to transmit data through the extended channel, a transmission path corresponding to the data type defined between the CableCARD and the host should first be determined. This is referred to as Flow. For example, in order to transmit MPEG section data, an MPEG section flow should first be determined between the CableCARD and the host. Thereafter, actual MPEG section data may be transmitted over the corresponding flow. The flows within the extended channel may include an IP unicast (IP_U) flow, an IP multicast (IP_M) flow, a DSG flow, a maximum of 6 MPEG section flows, and so on. However, in case an eCM (embedded Cable Modem), such as the DOCSIS modem, is not used inside the host, among the listed flows, the DSG flow is not used.
  • As described above, prior to setting up the communication operation mode of the host, or prior to transmitting and receiving OOB messages between the host and the CableCARD, the host should notify the network operation mode supporting information of the host to the CableCARD. Therefore, while the interface between the host and the CableCARD is being initialized, just as in the case of booting the host or having a card inserted in the host, the host transmits the network operation mode supporting information of the host to the CableCARD.
  • Hereinafter, a secure booting method according to diverse embodiments of the present invention that can be applied to the above-described digital television receiver will be described in detail.
  • According to each embodiment of the present invention, the secure booting process, i.e., a secure boot process supported by a chip 210 includes:
    • 1) a 1st Authentication step, wherein Authentication or Verification is performed on a Digital Signature of a Boot Loader 230 through an OTP (One-Time Password) (e.g., a Public Key),
    • 2) a 2nd Authentication step, wherein, once the 1st Authentication step is passed, Authentication or Verification is performed in Boot Loader 220 on a Digital Signature of a firmware (or firmware image). This secure booting process may also be referred to as a Trusted Chain.
  • Herein, if failure occurs in any one of the above-described 1st Authentication step and 2nd Authentication step, the System Booting is interrupted. On the other hand, if both of the above-described 1st Authentication step and 2nd Authentication step are successful, the main functions of the system are initiated after the system booting.
  • Most particularly, the present invention relates to the 2nd authentication step, which is devised to realize fast booting using a minimum booting time while ensuring maximum security of the device or system during the 2nd authentication step.
  • Hereinafter, each embodiment of the present invention may be applied to a firmware 240, which is stored in a storage unit 200 of the corresponding system. The storage unit 200 may include all types of storage means, such as flash memory, HDD (Hard disk drive), and so on.
    • FIRST EMBODIMENT
  • FIG. 2 illustrates a secure booting method according to a first embodiment of the present invention.
  • According to the first embodiment of the present invention, in order to perform secure booting, a private key is used so as to generate a single digital signature with respect to all regions of a firmware 240 within a storage unit 200. Thereafter, the generated digital signature is stored in a specific region 250 within the storage unit 200.
  • Subsequently, a bootloader 220 having a public key respective to the private key performs an authentication procedure for the security of the corresponding firmware by reading the overall regions of the firmware 240 for each booting process and by comparing the read regions with the generated digital signature.
  • According to the first embodiment of the present invention, the bootloader 220 performs an authentication procedure each time the system is booted by reading the overall regions of the firmware 240, thereby being capable of performing a perfect and complete system security check against any intrusion attempts by a hacker. However, according to the first embodiment of the present invention, while performing the authentication procedure, since the bootloader 220 is required to read the overall regions of the firmware 240 in order to perform authentication, the authentication process is time-consuming (i.e., the authentication time is long). This eventually indicates that the booting time of the entire system becomes long as well. Therefore, in case the size of the firmware is large, if the authentication procedure is performed according to the first embodiment of the present invention, the authentication time increases, thereby prolonging the booting time of the entire system.
    • SECOND EMBODIMENT
  • FIGS. 3 and 4 illustrate a secure booting method according to a second embodiment of the present invention.
  • Referring to FIGS. 3 and 4, according to the second embodiment of the present invention, unlike in the first embodiment of the present invention, wherein the bootloader 220 reads the overall regions of the firmware 240 when performing an authentication procedure each time the system is booted, only one or more specific regions (hereinafter referred to as one or more interleaved portions) within the firmware are read, so as to perform authentication for a single digital signature, which is generated with respect to the entire firmware or generated with respect to the specific region(s).
  • FIG. 3 shows an example wherein only one interleaved portion exists in within the firmware, and FIG. 4 shows an example wherein three interleaved portion exists in within the firmware.
  • Referring to FIG. 3, for example, one interleaved portion 310 is configured to have a size of 5MB in a region of a 15MB-sized offset position at the uppermost portion of the firmware 240.
  • Therefore, each time the system is booted, the bootloader 220 performs the authentication procedure by reading the region wherein only the interleaved portion 310 is located within the firmware 240, thereby covering for the authentication of the entire firmware 240.
  • In FIG. 4, first to third interleaved portions 410, 420, and 430 are respectively configured to have a size of 1MB in regions of 0MB, 10MB, and 20MB-sized offset positions with respect to the uppermost portion of the firmware 240.
  • Therefore, each time the system is booted, the bootloader 220 performs the authentication procedure by reading only the first to third interleaved portions 410, 420, and 430 within the firmware 240, thereby covering for the authentication of the entire firmware 240.
  • According to the second embodiment of the present invention described above with reference to FIGS. 3 and 4, the size, offset position, and number of each interleaved portion within the firmware are all decided while collectively taking into account the system performance, the targeted authentication time and/or the targeted security level, and so on, of all devices. And, therefore, the present invention will not be limited only to the example shown in the accompanying drawings.
  • Therefore, according to the second embodiment of the present invention, the booting time may be significantly reduced as compared to the method according to the first embodiment of the present invention. However, since the other regions that are not provided with the interleaved portions within the firmware 240 are more vulnerable to intrusion attempts of a hacker, the aspect of ensuring security against hacking attempts is less reliable and less secure as compared to the authentication method according to the first embodiment of the present invention.
    • THIRD EMBODIMENT
  • FIG. 5 illustrates a secure booting method according to a third embodiment of the present invention, and FIG. 6 illustrates a flow chart of a secure booting process shown in FIG. 5.
  • According to an embodiment of the present invention, a method of secure booting of a system in a digital broadcast receiver comprises aligning a plurality of interleaved portions to generate a digital signature, respectively, with an entire firmware image, generating a digital signature of each interleaved portion, selecting a specific interleaved portion, generating a first message digest to read a region of the selected interleaved portion in the entire firmware image and a second message digest from the digital signature of the selected interleaved portion and verifying the firmware image based on the first and second message digest and booting the system in the digital broadcast receiver.
  • As described above, the aspect of ensuring security against hacking attempts was more emphasized in the first embodiment of the present invention, and the aspect of the authentication time was more emphasized in the second embodiment of the present invention. However, the first embodiment and the second embodiment of the present invention may be considered to be insufficient for ensuring security while performing fast booting. Therefore, hereinafter, embodiments of the present invention that can satisfy both aspects will be described in detail.
  • Hereinafter, the third embodiment of the present invention shown in FIG. 5 will be described sequentially and in detail with reference to FIG. 6.
  • First of all, the entire firmware 240 is divided into N number of regions (or areas). Then, multiple interleaved portions (shown in FIG. 5 as interleaved portion A 510, interleaved portion B 520, and interleaved portion C 530) are generated, which are then adequately aligned in the N number of divided regions (S601). More specifically, interleaved portions A to C are adequately aligned in each of the N number of regions, which divides the entire firmware 240, in accordance with an alignment order decided by the system. For example, it is shown in FIG. 5 that the interleaved portions are aligned in the order of A-C-B-A-C-A-B-C-B-C-B-A for the N number of regions. However, this alignment order is merely exemplary, and, therefore, the present invention will not be limited only to the exemplary alignment order presented herein.
  • In the above-described process, in order to realize fast booting by setting the system so that all regions that are used in the current firmware 240 can be covered, and by checking and authenticating firmware security accordingly, the value N may be decided while taking into consideration the characteristics of the corresponding system. Furthermore, the value N may be varied later on depending upon the progress in the usage of the firmware, firmware upgrade, and so on.
  • Additionally, for example, the size of each region within the firmware 240, which is divided into N number of regions, may be identical to the size of the interleaved portion.
  • Moreover, referring to FIG. 5, although it is shown that an interleaved portion exists in every other region, among the N number of regions within the firmware, this is merely an example given to facilitate the understanding of the present invention. Accordingly, each of the interleaved portions may exist in each of the N number of regions, which is divided to cover the entire firmware. Furthermore, in case the firmware is divided into N number of regions while including unused regions, the gap (or space) in-between the interleaved portions may be understood as the unused regions within the entire firmware.
  • Subsequently, a digital signature is generated for each of the multiple interleaved portions adequately aligned in the N number of regions, and the generated digital signatures 540, 550, 560 are respectively stored in predetermined regions (S602). Herein, the number of the generated digital signatures corresponds to the number of multiple interleaved portions, which is different from the methods according to the first and second embodiments of the present invention. Referring to FIG. 5, interleaved portions A to C are adequately aligned in N number of regions, which covers the entire firmware 240. Herein, it can be known that a total of 3 digital signatures 540, 550, 560 respective to each of the interleaved portions A to C (a digital signature for regions within the firmware having the interleaved portion A positioned therein, a digital signature for regions within the firmware having the interleaved portion B positioned therein, and a digital signature for regions within the firmware having the interleaved portion C positioned therein) are generated and stored.
  • After step S602, each time the system is booted, the system selects an interleaved portion among the multiple interleaved portions (S603). Herein, the selection of the interleaved portion may be performed by using, for example, an equal probability selection method as a selection method for realizing true random selection. However, in relation with the above-mentioned selection, the present invention will not be limited only to the equal probability selection method. And, although a variety of other methods that can realize true random selection, which prevents selection from being made in accordance with a consistent pattern, so as to minimize damage and loss caused by hacking intrusions, can be used, since such methods use the disclosed techniques, detailed description of the same will be omitted for simplicity.
  • In step S602, a hash is generated for a region of the selected interleaved portion, and the generated hash is compared with the digital signature for the selected interleaved portion (S604). Herein, the hash is an algorithm and an example for a message digest.
  • Based upon the compared result of step S604, if a security compromise is detected, either the system is being intruded by a hacker, or the system is not fit for booting. Therefore, a boot code is corrected, or the digital signature for the boot code is corrected, so that the system booting procedure can no longer be continued (S605). However, in the opposite case (if a security compromise is not detected), the system completes the secure booting procedure.
  • Referring to FIGS. 5 and 6, according to the third embodiment of the present invention, security status for the entire firmware against hacking intrusions may be verified. Additionally, since the entire firmware is not required to be read, fast booting may be realized as well.
  • Furthermore, when applying the present invention to an actual system, a wide range of application schemes may be adopted depending upon the computing power of the system applying the present invention. For example, in a multi core or multi processor system, instead of one interleaved portion, multiple interleaved portions are selected, so as to perform authentication in parallel for each of the interleaved portions, thereby increasing the detection rate of a modulated code without increasing the authentication time. Alternatively, even if one interleaved portion is selected (e.g., if interleaved portion A is selected), the authentication procedure may be performed in parallel for each region aligned in the interleaved portion A (3 portions are included in the interleaved portion A shown in FIG. 5), thereby reducing the authentication time.
    • FOURTH EMBODIMENT
  • FIG. 7 illustrates an exemplary file system according to the present invention, and FIG. 8 illustrates a secure booting method using the characteristics of the file system shown in FIG. 7.
  • According to an embodiment of the present invention, a method of secure booting of a system in a digital broadcast receiver comprises dividing into a header part, a body part and a tailor part in an entire firmware image based on a file system, wherein the body part is aligned a plurality of interleaved portions to generate a digital signature, respectively, and the header and tailor part as a whole area includes all interleaved portions of the body part, generating a digital signature of each interleaved portion, selecting a specific interleaved portion, generating a first message digest to read any one of the header and tailor part in the entire firmware image and a second message digest from the digital signature of the selected interleaved portion and verifying the firmware image based on the first and second message digest and booting the system in the digital broadcast receiver. At this time, the header and tailor part is updated if any interleaved portion of the body part is modified.
  • According to the present invention, the device is equipped within a unique file system. FIG. 7 shows an exemplary layout of a Squash File System as an example of the unique file system for simplicity.
  • Referring to FIG. 7, the squash file system is configured by including a header part 710 referred to as a super block, a body part 720 including datablocks and fragments, and a tailor part 730 including an mode table, a directory table, a fragment table, an export table, and a uid/gid table.
  • Herein, essentially in the squash file system shown in FIG. 7, if any change occurs in the datablocks or fragments, the data of the header part 710 is modified or updated. More specifically, any change in the datablocks or fragments may be known by using the header part 710.
  • FIG. 8 seeks to refer to the characteristics of the squash file system shown in FIG. 7 and to use such characteristics in the secure booting method.
  • Referring to FIG. 8, as shown in the squash file system of FIG. 7, it can be known that the overall regions of the firmware 240 is divided into a super block region (hereinafter referred to as a header part) 810, a datablock region (hereinafter referred to as a body part) 820, and mode table, directory table, fragment table, export table, uid/gid table regions (hereinafter referred to as a tailor part) 830.
  • Herein, for example, as shown in the above-described third embodiment of the present invention, the entire body part 820 may be divided into N number of regions, and multiple interleaved portions (e.g., interleaved portions A, B, and C in FIG. 8) may be adequately aligned with respect to the entire body part 820, which is divided into N number of regions. FIG. 8 shows an example wherein the interleaved portions A, B, and C are sequentially aligned in the body part 820 in the order of C-B-A-C-A-B-C-B-C-B.
  • Conversely, the multiple interleaved portions are all included in the header part 810 and the tailor part 830. In FIG. 8, it can be known that interleaved portions A, B, and C are all included in the header part 810 and the tailor part 830.
  • Accordingly, when using the characteristics of the above-described squash file system, even if at least one interleaved portion is selected by a true random selection according to the third embodiment of the present invention, the header part 810 or the tailor part 830 is always included. And, even if only one region of the header part 810 or the tailor part 830 is authenticated, since information on any modification or change in the body part 820 is updated to the header part 810 or the tailor part 830, system security may be ensured while realizing fast booting. Therefore, in case a hacker directly intrudes and modulates the header part 810 or the tailor part 830, such intrusion and modulation may be immediately detected. And, even if the hacker intrudes and modulates a portion of the body part 820, since such information is reflected to at least one of the header part 810 and the tailor part 830, such intrusion and modulation may also be detected.
  • Therefore, according to the fourth embodiment of the present invention, any security compromise that may occur in the file system of the device may be effectively prevented.
  • FIG. 9 illustrates a flow chart showing an exemplary operation flow of the secure booting method according to the present invention.
  • FIG. 9 uses a PKI (Public Key Infrastructure)-based algorithm as an electronic signature method, and, in an embedded environment, in order to reduce the calculation amount (time) of the PKI algorithm, a message digest algorithm is additionally used.
  • When the system is being booted, the CPU 122 of FIG. performs the operation flow shown in FIG. 9. More specifically, each time the system is booted, the CPU 122 randomly selects an arbitrary interleaved portion among the multiple interleaved portions (S901) and, then, reads pre-defined sizes of the selected interleaved portion from each position within a storage unit 132 designated by the selected interleaved portion (S902), so as to load the read interleaved portion to the memory, thereby performing message digest (S903).
  • Additionally, the CPU 122 reads Digital Signature information corresponding to a selected interleaved portion (S904) from the Storage unit 132 (S905), so as to load the read Digital Signature information to the memory, and also reads Public Key information of the Bootloader 220 from the Storage unit, so as to load the read Public Key information to the memory. Thereafter, the read Digital Signature information is decrypted by using the read Public Key information of the Bootloader 220 (S906).
  • The CPU 122 compares a value outputted from the decryption process with a value outputted from the message digest process (S907). And, if the two values are equal to one another, the booting procedure is resumed (S908) (i.e., booting is successful). And, if the two values are different from one another, the booting procedure is stopped (S909). Furthermore, by using a method of deleting or modifying the boot code, or by using a method of deleting or modifying the Digital Signature for the boot code, booting of the system may be permanently disabled (i.e., the system may be permanently unbootable).
  • Hereinafter, a secure booting method for applications, which are divided into multiple partitions, will be described in detail.
    • FIFTH AND SIXTH EMBODIMENTS
  • FIG. 10 illustrates an example of an entire firmware image being stored in a storage unit as a binary image according to the present invention, FIG. 11 illustrates an example of a plurality of applications, which are stored in the device, being classified as a plurality of partitions (a plurality of binaries) and stored in the storage unit according to the present invention, and FIG. 12 illustrates an example of dividing fragments only for a Used Area of each partition according to the present invention.
  • According to the present invention, a method of secure booting of a system in a digital broadcast receiver comprises aligning a plurality of fragments to generate a digital signature, respectively, with each partition in an entire firmware image, wherein the partition is used to an application and is consisted of a different binary image, respectively, generating a digital signature of each fragment, selecting a specific fragment, generating a first message digest to read an area of the selected fragment in each partition and a second message digest from the digital signature of the selected fragment and verifying the firmware image based on the first and second message digest and booting the system in the digital broadcast receiver.
  • Applications that are stored in a storage unit of the may be configured as a single partition and used and, whenever required, the applications may also be divided into a plurality of partitions and used.
  • In this case, FIG. 10 and FIG. 11 may be collectively used.
  • In FIG. 10, for example, the entire applications are configured as a single binary image, which may correspond to an efficient structure for continuously storing the corresponding binary image without being interrupted by unused areas, when the binary image is being stored in the storage unit. Also, for instances, a plurality of fragments (Fragment #A 1022, Fragment #B 1024, Fragment #C 1026) correspond to the interleaved portion in FIG. 5 are aligned with the storage unit. Accordingly, the verification is processed as similarly FIG. 2.
  • FIG. 11, for example, is efficient for a case wherein multiple applications are configured as binary images each different from one another, thereby being divided into multiple partitions and stored within the storage unit.
  • Conversely, FIG. 12 corresponds to a method of using the method of FIG. 10 in a structure shown in FIG. 11, wherein only the used area (or regions) of each partition are divided into multiple fragments.
  • Therefore, as shown in FIG. 12, in case of applications divided into multiple partitions 1120, 1140, 1160, the method of FIG. 5 is applied only for the Used Area of each partition. Thus, the entire firmware is read so that the entire firmware can be authenticated without having to load the read information to the memory.
  • Referring to FIG. 12, for example, K number of areas (or regions) used by the applications within the entire firmware region, i.e., partitions exist. And, each partition may be identified by using N number of fragments 1210, 1220 and 1230 or 1240, 1250 and 1260.
  • Herein, the system may be able to know a start offset and used size of each partition during a Running Time of the system, and N is a pre-fixed value. At this point, the fragment that is to be read uses the start offset and N value information so as to be capable of reading the required (or necessary) parts.
  • Thus, the unused area shown in FIGS. 11 and 12 are not required to be read and loaded to the memory, and the Digital Signature for the unused area is not required to be calculated. More specifically, the Authentication process for the unused area may be omitted. Accordingly, the authentication time for the entire firmware may be reduced, and, by preventing the value N from excessively increasing, an optimal N value may be set up, thereby further enhancing the efficiency of the authentication process.
  • FIG. 13 illustrates a secure booting method according to a fifth embodiment of the present invention.
  • FIG. 13 illustrates an example of a firmware having the method of FIG. 12 applied thereto.
  • Referring to FIG. 13, M number of unused areas 1320, 1340 and k number of partitions of used areas 1310, 1330 used by the applications exist within the entire firmware. Herein, in each partition, for example, N number of fragments is aligned so as to cover the entire region of the corresponding partition. At this point, the number of fragments N may either be the same in each partition, or may be different from one another depending upon the size of each partition. Also, the fragments 1312, 1314 and 1316 or 1332, 1334 and 1336 may either have the same alignment order in all of the partitions, or the fragments may have a different alignment order for each partition.
  • Furthermore, in FIG. 13, a digital signature 1352, 1354 and 1356 is generated with respect to each of the n number of fragments and then stored.
  • In other words, when at least one or more fragments are selected from N number of fragments, instead of reading all of the fragments of each partition within the firmware, by reading only the area (or region) wherein the at least one of more selected fragments are aligned, the secure booting method according to the fifth embodiment of the present invention may ensure secure booting while reducing a significant amount of authentication time.
  • FIG. 14 illustrates a secure booting method according to a sixth embodiment of the present invention.
  • The sixth embodiment of the present invention is similar to the above-described fifth embodiment of the present invention. Therefore, reference will be made to the identical parts, or the direct citations will be made on the common parts. Therefore, only the different parts will be described in the following description.
  • For example, all of the partitions that are used by the applications within the firmware are not required to be divided into N number of fragments. Referring to FIG. 14, in case of partitions 3 and 5 (small partitions) 1410, 1420, which are used by applications, since the size of each partition is small, the entire portion of the corresponding partitions may be read and authenticated. Furthermore, in case of the small partitions, a digital signature 1432, 1434 may be individually generated for each small partition, or a single digital signature may be generated for a plurality of small partitions. In case of such small partitions, the size of a small partition and the authentication process for the small partition are decided based upon a standard pre-decided by the system. And, default settings may be made on the small partitions decided as described above, so that the entire region (or area) of the corresponding small partitions is read and authenticated.
    • SEVENTH AND EIGHTH EMBODIMENTS
  • FIG. 15 illustrates a secure booting method according to a seventh embodiment of the present invention, and FIG. 16 illustrates a secure booting method according to an eighth embodiment of the present invention.
  • According to the present invention, a method of secure booting of a system in a digital broadcast receiver comprises aligning a plurality of fragments to generate a digital signature, respectively, with a first partition and a second partition to be verified a whole area in an entire firmware image, wherein each first partition is used to an application and is consisted of a different binary image, respectively, generating a digital signature of each fragment and the second partition, selecting a specific fragment, generating a first message digest to read an area of the selected fragment in the first partition and the second partition, and a second message digest from the digital signature of the selected fragment and the second partition and verifying the firmware image based on the first and second message digest and booting the system in the digital broadcast receiver.
  • Herein, the secure booting method according to the seventh embodiment of the present invention shown in FIG. 15 corresponds to a combined concept of the fourth and fifth embodiments of the present invention, and the secure booting method according to the eighth embodiment of the present invention shown in FIG. 16 corresponds to a combined concept of the fourth and sixth embodiments of the present invention.
  • The seventh embodiment of the present invention will now be described with reference to FIG. 15. In the seventh embodiment of the present invention, the firmware is divided into a plurality of partitions 1510 and 1520, as described in the fifth embodiment of the present invention. And, unlike in the fifth embodiment of the present invention, when each partition uses multiple fragments 1512, 1514 and 1516, the concept of the squash file system is used, as described in the fourth embodiment of the present invention.
  • The eighth embodiment of the present invention will now be described with reference to FIG. 16. In the eighth embodiment of the present invention, the firmware is divided into a plurality of partitions, including small partitions 1610 and 1620, as described in the sixth embodiment of the present invention. Herein, the entire area of each small partition is read and authenticated, and the concept of the squash file system is used in the remaining partitions, as described in the fourth embodiment of the present invention.
  • For example, when multiple fragments are used in a specific partition, unlike in the above-described fifth and sixth embodiments of the present invention, the squash file system is divided into a header part, a body part, and a tailor part, and the squash file system may be configured so that all of the fragments are included in the header part and the tailor part. Accordingly, by reading only the header and tailor parts and by loading the read header and tailor parts to the memory, security may be ensured for the authentication of the entire region of the corresponding partition, and the authentication time may be reduced significantly.
  • Furthermore, although it is not shown, considering the size of each partition, the concept of the squash file system is applied in a specific partition, as described in the fourth embodiment of the present invention, and secure booting may be performed by using multiple partitions on the entire region of the corresponding partition, as described in the third embodiment of the present invention. This may be applied in the system after deciding an efficient structure of the system based upon the security issue and authentication time for the corresponding system. Moreover, in case of the squash file system of FIG. 7, when hacking attempts are being made on each datablock, only the corresponding block may be affected by the hacking attempts. However, since firmware images are essentially compressed in the squash file system, in case the corresponding block is affected by the hacking attempts, the compressed files, i.e., the size and offset of the datablock may be modified. Accordingly, such modifications are evidently reflected to the header part or the tailor part, thereby enabling the system to detect any modulation on the respective firmware image.
  • FIG. 17 illustrates a flow chart showing another exemplary operation flow of the secure booting method according to the present invention.
  • FIG. 17 is nearly identical to the above-described operation flow shown in FIG. 9.
  • When the system is being booted, the CPU 122 of FIG. performs the operation flow shown in FIG. 17. More specifically, each time the system is booted, the CPU 122 randomly selects at least one fragment from a plurality of fragments (S1701) and, then, reads the selected fragment from each partition (S1702), so as to load the read fragment to the memory, thereby performing message digest (S1703).
  • Additionally, the CPU 122 reads Digital Signature information corresponding to the selected fragment (S1704) from the Storage unit, so as to load the read Digital Signature information to the memory, and also reads Public Key information of the Bootloader 220 from the Storage unit, so as so as to load the read Public Key information to the memory. Thereafter, the read Digital Signature information is decrypted by using the read Public Key information of the Bootloader 220 (S1705).
  • The CPU 122 compares a value outputted from the decryption process with a value outputted from the message digest process (S1706). And, if the two values are equal to one another, the booting procedure is resumed (S1707) (i.e., booting is successful). And, if the two values are different from one another, the booting procedure is stopped (S1708). Furthermore, by using a method of deleting or modifying the boot code, or by using a method of deleting or modifying the Digital Signature for the boot code, booting of the system may be permanently disabled (i.e., system may be permanently unbootable).
  • The above-described operation flows shown in FIG. 6 or FIG. 9 or FIG. 17 may be performed only once, or, when tighter security is required depending upon the security level, the same operation flow may be repeatedly performed, or the above-described operation flow may be repeatedly performed on other interleaved portions or fragments, thereby ensuring a higher level of security.
  • Each of the above-described embodiments of the present invention is applied in the system shown in FIG. 1. Among the devices including a CPU 122 (herein, the CPU includes all of a secure processor, a micro processor, and a security-specific chip 210 realizing a security function with an HW), a memory, and a storage unit (storage units including HDD or flash memory), each embodiment of the present invention may be applied to any type of system that seeks to adopt the secure booting method in order to protect the data within the storage unit from any external hacking intrusions on the data within the storage unit, wherein the hacking intrusions include data modulation on the data within the storage unit. Most particularly, the secure booting method is effective when applied in a system, which requires fast verification for a secure booting process of a firmware.
  • As described above, according to each embodiment of the present invention, the authentication time may be minimized while ensuring a maximum level of security of the system during the booting process. And, by reducing the booting time, user convenience may be enhanced, and the system may be capable of responding more quickly to the user's requests. Additionally, the efficiency of the entire system may be enhanced while maintaining backward compatibility with the conventional system. Furthermore, in addition to secure booting, the method according to the present invention may be applied in diverse fields that require ensured security and reduced authentication time.
  • It will be apparent to those skilled in the art that various modifications and variations can be made in the present invention without departing from the spirit or scope of the inventions. Thus, it is intended that the present invention covers the modifications and variations of this invention provided they come within the scope of the appended claims and their equivalents.

Claims (20)

1. A method of secure booting of a system in a digital broadcast receiver, the method comprising:
aligning a plurality of interleaved portions to generate a digital signature, respectively, with an entire firmware image;
generating a digital signature of each interleaved portion;
selecting a specific interleaved portion;
generating a first message digest to read a region of the selected interleaved portion in the entire firmware image and a second message digest from the digital signature of the selected interleaved portion; and
verifying the firmware image based on the first and second message digest and booting the system in the digital broadcast receiver.
2. The method of claim 1, wherein the selected interleave portion is randomly selected according to an equal probability method every booting the system.
3. The method of claim 1, further comprises verifying a boot loader to authenticate the firmware image at a chip having a public key.
4. The method of claim 1, wherein the first message digest is generated using a hash algorithm.
5. A method of secure booting of a system in a digital broadcast receiver, the method comprising:
dividing into a header part, a body part and a tailor part in an entire firmware image based on a file system, wherein the body part is aligned a plurality of interleaved portions to generate a digital signature, respectively, and the header and tailor part as a whole area includes all interleaved portions of the body part;
generating a digital signature of each interleaved portion;
selecting a specific interleaved portion;
generating a first message digest to read any one of the header and tailor part in the entire firmware image and a second message digest from the digital signature of the selected interleaved portion; and
verifying the firmware image based on the first and second message digest and booting the system in the digital broadcast receiver.
6. The method of claim 5, wherein the file system includes a squash file system.
7. The method of claim 5, wherein the header and tailor part is updated if any interleaved portion of the body part is modified.
8. The method of claim 5, wherein the selected interleave portion is randomly selected according to an equal probability method every booting the system.
9. The method of claim 5, further comprises verifying a boot loader to authenticate the firmware image at a chip having a public key.
10. The method of claim 5, wherein the first message digest is generated using a hash algorithm.
11. A digital broadcast receiver of secure booting of a system, the digital broadcast receiver comprising:
a controller configured to control to align a plurality of interleaved portions to generate a digital signature, respectively, with an entire firmware image, and generate a digital signature of each interleaved portion,
the controller further configured to control to select a specific interleaved portion, generate a first message digest to read one or more regions of the selected interleaved portion in the entire firmware image and a second message digest from the digital signature of the selected interleaved portion, and verify the firmware image based on the first and second message digest and boot the system in the digital broadcast receiver.
12. The digital broadcast receiver of claim 11, wherein the controller controls to be randomly select the specific interleaved portion according to an equal probability method every booting the system.
13. The digital broadcast receiver of claim 11, further comprises verifying a boot loader to authenticate the firmware image at a chip having a public key.
14. The digital broadcast receiver of claim 11, wherein the first message digest is generated using a hash algorithm.
15. A digital broadcast receiver of secure booting of a system, the digital broadcast receiver comprising:
a controller configured to control to divide into a header part, a body part and a tailor part in an entire firmware image based on a file system, wherein the body part is aligned a plurality of interleaved portions to generate a digital signature, respectively, and the header and tailor part as a whole area includes all interleaved portions of the body part, and generate a digital signature of each interleaved portion,
the controller further configured to select a specific interleaved portion, generate a first message digest to read any one of the header and tailor part in the entire firmware image and a second message digest from the digital signature of the selected interleaved portion, and verify the firmware image based on the first and second message digest and boot the system in the digital broadcast receiver.
16. The digital broadcast receiver of claim 15, wherein the file system includes a squash file system.
17. The digital broadcast receiver of claim 15, wherein the header and tailor part is updated if any interleaved portion of the body part is modified.
18. The digital broadcast receiver of claim 15, wherein the controller is control to be randomly selected the specific interleaved portion according to an equal probability method every booting the system.
19. The digital broadcast receiver of claim 15, wherein the controller further controls to verify a boot loader to authenticate the firmware image at a chip having a public key.
20. The digital broadcast receiver of claim 15, wherein the controller controls to generate the first message digest using a hash algorithm.
US12/961,145 2009-12-04 2010-12-06 Digital broadcast receiver and booting method of digital broadcast receiver Expired - Fee Related US8583909B2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
US12/961,145 US8583909B2 (en) 2009-12-04 2010-12-06 Digital broadcast receiver and booting method of digital broadcast receiver

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US26652209P 2009-12-04 2009-12-04
US29089309P 2009-12-30 2009-12-30
US12/961,145 US8583909B2 (en) 2009-12-04 2010-12-06 Digital broadcast receiver and booting method of digital broadcast receiver

Publications (2)

Publication Number Publication Date
US20110138164A1 true US20110138164A1 (en) 2011-06-09
US8583909B2 US8583909B2 (en) 2013-11-12

Family

ID=44083161

Family Applications (1)

Application Number Title Priority Date Filing Date
US12/961,145 Expired - Fee Related US8583909B2 (en) 2009-12-04 2010-12-06 Digital broadcast receiver and booting method of digital broadcast receiver

Country Status (5)

Country Link
US (1) US8583909B2 (en)
EP (1) EP2507991B1 (en)
KR (1) KR101776630B1 (en)
CN (1) CN102742290B (en)
WO (1) WO2011068392A2 (en)

Cited By (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102572595A (en) * 2012-02-03 2012-07-11 深圳市同洲电子股份有限公司 IPTV upgrade package structure, upgrading method and startup calibration method
EP2621183A1 (en) * 2012-01-27 2013-07-31 Samsung Electronics Co., Ltd. Display apparatus, control method thereof, upgrade apparatus, and display system
KR20140103115A (en) * 2011-12-21 2014-08-25 소니 주식회사 Information processing device, server device, information processing method, server processing method, and program
US20140365755A1 (en) * 2013-06-07 2014-12-11 Dell Inc. Firmware authentication
JP2015022521A (en) * 2013-07-19 2015-02-02 スパンション エルエルシー Secure boot method, built-in apparatus, secure boot device and secure boot program
US20180060589A1 (en) * 2016-09-01 2018-03-01 Nxp B.V. Apparatus and associated method for authenticating firmware
WO2018125797A1 (en) * 2016-12-28 2018-07-05 Echostar Technologies L.L.C. Forced execution of authenticated code
US10325077B2 (en) 2016-12-23 2019-06-18 DISH Technologies L.L.C. Strong authentication of client set-top boxes
US10452870B2 (en) 2016-12-06 2019-10-22 Dish Technologies Llc Smart card authenticated download
US10484753B2 (en) 2016-12-23 2019-11-19 DISH Tchnologies L.L.C. Securely paired delivery of activation codes from smart card to remote client set-top box
US10484752B2 (en) 2016-12-23 2019-11-19 DISH Technologies L.L.C. Securely paired delivery of activation codes from smart card to host set-top box
JP2020072431A (en) * 2018-11-02 2020-05-07 三菱電機株式会社 Control device
EP3718282A4 (en) * 2017-11-30 2021-08-11 Mocana Corporation System and method for securing data transport between a non-ip endpoint device that is connected to a gateway device and a connected service
US11126726B2 (en) * 2017-12-20 2021-09-21 Canon Kabushiki Kaisha Information processing apparatus, control method thereof, and program storage medium
US11366905B2 (en) * 2016-07-04 2022-06-21 Sew-Eurodrive Gmbh & Co. Kg Security device and method for operating a system
US11394558B2 (en) * 2019-09-23 2022-07-19 Igt Segment-based file authentication
US11595217B2 (en) 2018-12-06 2023-02-28 Digicert, Inc. System and method for zero touch provisioning of IoT devices

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9652468B2 (en) * 2013-12-17 2017-05-16 Annapurna Labs Ltd. In-band de-duplication
KR20180050052A (en) * 2016-11-04 2018-05-14 삼성전자주식회사 Display apparatus and method for controlling thereof
CN108345805B (en) * 2017-05-05 2022-09-02 清华大学 Method and device for verifying firmware

Citations (24)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5448045A (en) * 1992-02-26 1995-09-05 Clark; Paul C. System for protecting computers via intelligent tokens or smart cards
US5737340A (en) * 1996-07-01 1998-04-07 Mentor Graphics Corporation Multi-phase test point insertion for built-in self test of integrated circuits
US20020157010A1 (en) * 2001-04-24 2002-10-24 International Business Machines Corporation Secure system and method for updating a protected partition of a hard drive
US6571335B1 (en) * 1999-04-01 2003-05-27 Intel Corporation System and method for authentication of off-chip processor firmware code
US20030115471A1 (en) * 2001-12-19 2003-06-19 Skeba Kirk W. Method and apparatus for building operational radio firmware using incrementally certified modules
US20030217193A1 (en) * 2002-05-17 2003-11-20 Sun Microsystems, Inc. Method, system and article of manufacture for a firmware image
US20030237028A1 (en) * 2002-06-20 2003-12-25 Nokia Corporation Method and a system for evaluating the reliability of a program in an electronic device, and an electronic device
US20040162472A1 (en) * 1999-09-28 2004-08-19 Nellcor Puritan Bennett Incorporated Sensor with signature of data relating to sensor
US20050091496A1 (en) * 2003-10-23 2005-04-28 Hyser Chris D. Method and system for distributed key management in a secure boot environment
US20060129795A1 (en) * 2004-12-10 2006-06-15 Intel Corporation Interleaved boot block to support multiple processor architectures and method of use
US20060136704A1 (en) * 2004-12-17 2006-06-22 International Business Machines Corporation System and method for selectively installing an operating system to be remotely booted within a storage area network
US7174457B1 (en) * 1999-03-10 2007-02-06 Microsoft Corporation System and method for authenticating an operating system to a central processing unit, providing the CPU/OS with secure storage, and authenticating the CPU/OS to a third party
US20070076130A1 (en) * 2005-09-30 2007-04-05 Kabushiki Kaisha Toshiba Broadcast receiver and method of controlling the same
US20070283405A1 (en) * 2006-06-01 2007-12-06 Sang Hoon Cha Broadcast receiver and method for providing diagnostic information
US20080098418A1 (en) * 2006-10-19 2008-04-24 Advanced Digital Broadcast S.A. Electronic module for digital television receiver
US20080133922A1 (en) * 2006-11-30 2008-06-05 Red Hat, Inc. File Update Availability Checking In a Hierarchal File Store
US20080137848A1 (en) * 2003-07-07 2008-06-12 Cryptography Research, Inc. Reprogrammable security for controlling piracy and enabling interactive content
US20080222368A1 (en) * 2005-01-07 2008-09-11 Christian Gehrmann Updating Memory Contents of a Processing Device
US20090052662A1 (en) * 2002-06-20 2009-02-26 Oxford William V Method and system for a recursive security protocol for digital copyright control
US20090249331A1 (en) * 2008-03-31 2009-10-01 Mark Charles Davis Apparatus, system, and method for file system sharing
US20090271581A1 (en) * 2008-04-24 2009-10-29 Echostar Technologies Corporation Systems and methods for reliably managing files in a computer system
US20100161633A1 (en) * 2008-12-22 2010-06-24 Alain Nochimowski Method for providing a suggested read list of digital data to a host device
US20110022566A1 (en) * 2009-06-26 2011-01-27 Simplivt Corporation File system
US8135723B2 (en) * 2008-11-12 2012-03-13 Microsoft Corporation Leveraging low-latency memory access

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5844986A (en) * 1996-09-30 1998-12-01 Intel Corporation Secure BIOS
EP1273996B1 (en) * 2001-07-06 2008-08-06 Texas Instruments Incorporated Secure bootloader for securing digital devices
US20090193211A1 (en) * 2008-01-24 2009-07-30 Broadcom Corporation Software authentication for computer systems
KR100947323B1 (en) 2008-02-29 2010-03-16 주식회사 알티캐스트 Method for the temper-proof to contents protection solution utilizing smart card
KR20110058448A (en) 2009-11-26 2011-06-01 삼성전자주식회사 Method and apparatus for download secure micro bootloader of receiver in download conditional access system

Patent Citations (24)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5448045A (en) * 1992-02-26 1995-09-05 Clark; Paul C. System for protecting computers via intelligent tokens or smart cards
US5737340A (en) * 1996-07-01 1998-04-07 Mentor Graphics Corporation Multi-phase test point insertion for built-in self test of integrated circuits
US7174457B1 (en) * 1999-03-10 2007-02-06 Microsoft Corporation System and method for authenticating an operating system to a central processing unit, providing the CPU/OS with secure storage, and authenticating the CPU/OS to a third party
US6571335B1 (en) * 1999-04-01 2003-05-27 Intel Corporation System and method for authentication of off-chip processor firmware code
US20040162472A1 (en) * 1999-09-28 2004-08-19 Nellcor Puritan Bennett Incorporated Sensor with signature of data relating to sensor
US20020157010A1 (en) * 2001-04-24 2002-10-24 International Business Machines Corporation Secure system and method for updating a protected partition of a hard drive
US20030115471A1 (en) * 2001-12-19 2003-06-19 Skeba Kirk W. Method and apparatus for building operational radio firmware using incrementally certified modules
US20030217193A1 (en) * 2002-05-17 2003-11-20 Sun Microsystems, Inc. Method, system and article of manufacture for a firmware image
US20090052662A1 (en) * 2002-06-20 2009-02-26 Oxford William V Method and system for a recursive security protocol for digital copyright control
US20030237028A1 (en) * 2002-06-20 2003-12-25 Nokia Corporation Method and a system for evaluating the reliability of a program in an electronic device, and an electronic device
US20080137848A1 (en) * 2003-07-07 2008-06-12 Cryptography Research, Inc. Reprogrammable security for controlling piracy and enabling interactive content
US20050091496A1 (en) * 2003-10-23 2005-04-28 Hyser Chris D. Method and system for distributed key management in a secure boot environment
US20060129795A1 (en) * 2004-12-10 2006-06-15 Intel Corporation Interleaved boot block to support multiple processor architectures and method of use
US20060136704A1 (en) * 2004-12-17 2006-06-22 International Business Machines Corporation System and method for selectively installing an operating system to be remotely booted within a storage area network
US20080222368A1 (en) * 2005-01-07 2008-09-11 Christian Gehrmann Updating Memory Contents of a Processing Device
US20070076130A1 (en) * 2005-09-30 2007-04-05 Kabushiki Kaisha Toshiba Broadcast receiver and method of controlling the same
US20070283405A1 (en) * 2006-06-01 2007-12-06 Sang Hoon Cha Broadcast receiver and method for providing diagnostic information
US20080098418A1 (en) * 2006-10-19 2008-04-24 Advanced Digital Broadcast S.A. Electronic module for digital television receiver
US20080133922A1 (en) * 2006-11-30 2008-06-05 Red Hat, Inc. File Update Availability Checking In a Hierarchal File Store
US20090249331A1 (en) * 2008-03-31 2009-10-01 Mark Charles Davis Apparatus, system, and method for file system sharing
US20090271581A1 (en) * 2008-04-24 2009-10-29 Echostar Technologies Corporation Systems and methods for reliably managing files in a computer system
US8135723B2 (en) * 2008-11-12 2012-03-13 Microsoft Corporation Leveraging low-latency memory access
US20100161633A1 (en) * 2008-12-22 2010-06-24 Alain Nochimowski Method for providing a suggested read list of digital data to a host device
US20110022566A1 (en) * 2009-06-26 2011-01-27 Simplivt Corporation File system

Cited By (27)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR102066299B1 (en) 2011-12-21 2020-01-14 소니 주식회사 Information processing device, server device, information processing method, server processing method, and program
US9723376B2 (en) * 2011-12-21 2017-08-01 Saturn Licensing Llc Information processing apparatus, server apparatus, information processing method, server processing method, and program
KR20140103115A (en) * 2011-12-21 2014-08-25 소니 주식회사 Information processing device, server device, information processing method, server processing method, and program
US20140331250A1 (en) * 2011-12-21 2014-11-06 Sony Corporation Information processing apparatus, server apparatus, information processing method, server processing method, and program
US9141395B2 (en) 2012-01-27 2015-09-22 Samsung Electronics Co., Ltd. Display apparatus, control method thereof, upgrade apparatus, and display system
EP2621183A1 (en) * 2012-01-27 2013-07-31 Samsung Electronics Co., Ltd. Display apparatus, control method thereof, upgrade apparatus, and display system
CN102572595A (en) * 2012-02-03 2012-07-11 深圳市同洲电子股份有限公司 IPTV upgrade package structure, upgrading method and startup calibration method
US20140365755A1 (en) * 2013-06-07 2014-12-11 Dell Inc. Firmware authentication
US9189631B2 (en) * 2013-06-07 2015-11-17 Dell Inc. Firmware authentication
JP2015022521A (en) * 2013-07-19 2015-02-02 スパンション エルエルシー Secure boot method, built-in apparatus, secure boot device and secure boot program
US11366905B2 (en) * 2016-07-04 2022-06-21 Sew-Eurodrive Gmbh & Co. Kg Security device and method for operating a system
US20180060589A1 (en) * 2016-09-01 2018-03-01 Nxp B.V. Apparatus and associated method for authenticating firmware
US10565380B2 (en) * 2016-09-01 2020-02-18 Nxp B.V. Apparatus and associated method for authenticating firmware
US10452870B2 (en) 2016-12-06 2019-10-22 Dish Technologies Llc Smart card authenticated download
US10325077B2 (en) 2016-12-23 2019-06-18 DISH Technologies L.L.C. Strong authentication of client set-top boxes
US10484752B2 (en) 2016-12-23 2019-11-19 DISH Technologies L.L.C. Securely paired delivery of activation codes from smart card to host set-top box
US10484753B2 (en) 2016-12-23 2019-11-19 DISH Tchnologies L.L.C. Securely paired delivery of activation codes from smart card to remote client set-top box
US10970367B2 (en) 2016-12-23 2021-04-06 DISH Technologies L.L.C. Strong authentication of client set-top boxes
US11250170B2 (en) 2016-12-23 2022-02-15 DISH Technologies L.L.C. Secure activation of client receiver by host receiver smart card
US11259065B2 (en) 2016-12-23 2022-02-22 DISH Technologies L.L.C. Securely paired delivery of activation codes between removable and integrated security processors
US10171870B2 (en) 2016-12-28 2019-01-01 DISH Technologies L.L.C. Forced execution of authenticated code
WO2018125797A1 (en) * 2016-12-28 2018-07-05 Echostar Technologies L.L.C. Forced execution of authenticated code
EP3718282A4 (en) * 2017-11-30 2021-08-11 Mocana Corporation System and method for securing data transport between a non-ip endpoint device that is connected to a gateway device and a connected service
US11126726B2 (en) * 2017-12-20 2021-09-21 Canon Kabushiki Kaisha Information processing apparatus, control method thereof, and program storage medium
JP2020072431A (en) * 2018-11-02 2020-05-07 三菱電機株式会社 Control device
US11595217B2 (en) 2018-12-06 2023-02-28 Digicert, Inc. System and method for zero touch provisioning of IoT devices
US11394558B2 (en) * 2019-09-23 2022-07-19 Igt Segment-based file authentication

Also Published As

Publication number Publication date
EP2507991B1 (en) 2017-08-30
WO2011068392A2 (en) 2011-06-09
EP2507991A4 (en) 2015-09-02
KR101776630B1 (en) 2017-09-08
WO2011068392A3 (en) 2011-11-10
US8583909B2 (en) 2013-11-12
CN102742290B (en) 2015-11-25
KR20120113749A (en) 2012-10-15
EP2507991A2 (en) 2012-10-10
CN102742290A (en) 2012-10-17

Similar Documents

Publication Publication Date Title
US8583909B2 (en) Digital broadcast receiver and booting method of digital broadcast receiver
US10382816B2 (en) Systems and methods for performing transport I/O
US7698562B2 (en) Authenticated program execution method
US20180183581A1 (en) Arrangements for datalink security
US9479825B2 (en) Terminal based on conditional access technology
KR101355057B1 (en) Enforcing softwate updates in an electronic device
US11250170B2 (en) Secure activation of client receiver by host receiver smart card
US8621093B2 (en) Non-blocking of head end initiated revocation and delivery of entitlements non-addressable digital media network
US9647997B2 (en) USB interface for performing transport I/O
US20200099964A1 (en) Method and device for checking authenticity of a hbbtv related application
TWI717322B (en) Usb interface for performing transport i/o
KR100950596B1 (en) Broadcasting receiving apparatus based on downloadable conditional access system and method for reinforcing security thereof
KR20150004997A (en) Authenticating method in external storage device

Legal Events

Date Code Title Description
AS Assignment

Owner name: LG ELECTRONICS INC., KOREA, REPUBLIC OF

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:CHA, SANG HOON;KIM, BONG SEOK;JEONG, CHAN GYUN;AND OTHERS;REEL/FRAME:025851/0832

Effective date: 20110120

STCF Information on status: patent grant

Free format text: PATENTED CASE

FEPP Fee payment procedure

Free format text: PAYOR NUMBER ASSIGNED (ORIGINAL EVENT CODE: ASPN); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

FPAY Fee payment

Year of fee payment: 4

FEPP Fee payment procedure

Free format text: MAINTENANCE FEE REMINDER MAILED (ORIGINAL EVENT CODE: REM.); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

LAPS Lapse for failure to pay maintenance fees

Free format text: PATENT EXPIRED FOR FAILURE TO PAY MAINTENANCE FEES (ORIGINAL EVENT CODE: EXP.); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

STCH Information on status: patent discontinuation

Free format text: PATENT EXPIRED DUE TO NONPAYMENT OF MAINTENANCE FEES UNDER 37 CFR 1.362

FP Lapsed due to failure to pay maintenance fee

Effective date: 20211112